Preventivní kontrola

Zpráva

cocinella · #1 Příspěvek od **cocinella** » 20 říj 2014 19:13

Zdravím, prosím o preventivní kontrolu, notebook běží korektně, ale občas se při prohlížení internetu zasekne a prohlížeč (google chrome) spadne.

Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Eliška administrátor at 2014-10-20 20:12:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 782 GB (86%) free of 908 GB
Total RAM: 8055 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:33, on 20.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Eliška administrátor\Downloads\hijackthis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Eliška administrátor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [CAPOSD] C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [icq] C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2994029813-3913644161-4273365563-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2994029813-3913644161-4273365563-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Fast boot service of lenovo (NSDSvc) - Unknown owner - C:\Windows\System32\NSDSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13942 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 28597504
\??\C:\Windows\system32\conhost.exe "-1124457264-1818870261-1563708977-887346979-998753354-1186291441-652936375-1868255083
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\ProgramData\IePluginServices\PluginService.exe -service
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
WLIDSvcM.exe 1060
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\msseces.exe" -Recover
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Windows\System32\StikyNot.exe" /restart
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
taskeng.exe {306F5D6A-18E2-4483-927B-E9A8902C7C03}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe"
"C:\Windows\system32\igfxtray.exe"
"C:\Windows\system32\hkcmd.exe"
"C:\Windows\system32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\notepad.exe"
"C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5540.0.927322387\923320133" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2712 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.2.1800164226\1599273600" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.4.930923613\1800780834" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.6.679968465\641994171" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5540.7.1370544993\602558372" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.10.1402281353\504075108" /prefetch:673131151
"C:\Windows\system32\calc.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.32.525980101\1519775045" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.35.885487557\531015169" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.40.2059201720\396962370" /prefetch:673131151
"C:\Users\Eliška administrátor\Downloads\hijackthis.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Eliška administrátor\Downloads\hijackthis.log
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.45.698894644\1299167419" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="5540.46.905233037\1115159568" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe38_ Global\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Eliška administrátor\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-27 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-27 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-03-31 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-03-31 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-03-31 439064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-11-10 2847016]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2011-11-10 408872]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-06-14 789856]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-06-14 8079408]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-06-14 6202416]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-06-14 206176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"icq"=C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe [2014-10-01 35239432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"Lenovo EasyCamera_Monitor"=C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [2012-02-06 258936]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-06-01 506712]
"MuteSync"=C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [2012-02-04 343040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2012-01-26 4351712]
"Intelligent Touchpad"=C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [2011-12-08 291272]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-27 222504]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-06-14 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"CAPOSD"=C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe [2012-02-09 1876992]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-27 434688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-20 20:12:31 ----D---- C:\rsit
2014-10-15 21:15:06 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 21:15:06 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 21:15:05 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 21:15:05 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 21:15:05 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 21:15:05 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 21:15:05 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 21:14:57 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 21:14:57 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 21:14:57 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 21:14:55 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 21:14:54 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 21:14:54 ----A---- C:\Windows\system32\mf.dll
2014-10-15 21:14:53 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 21:14:53 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 21:14:52 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 21:14:51 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 21:14:46 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 21:14:45 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 21:14:45 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 21:14:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 21:14:45 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 21:14:45 ----A---- C:\Windows\system32\ci.dll
2014-10-15 21:14:45 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 21:14:44 ----A---- C:\Windows\system32\winload.exe
2014-10-15 21:14:44 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 21:14:43 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 21:14:41 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 21:14:40 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 21:14:39 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 21:14:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 21:14:38 ----A---- C:\Windows\system32\evr.dll
2014-10-15 21:14:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 21:14:36 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 21:14:35 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 21:14:33 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 21:14:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 21:14:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 21:14:31 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 21:14:31 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 21:14:29 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 21:14:29 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 21:14:29 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 21:14:28 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 21:14:28 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 21:14:28 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 21:14:28 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 21:14:28 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 21:14:27 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 21:14:27 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 21:14:27 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 21:14:27 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 21:14:26 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 21:14:26 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 21:14:25 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 21:14:25 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 21:14:08 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 21:14:08 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 21:14:06 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 21:14:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 21:14:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 21:14:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 21:14:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 21:14:03 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 21:14:03 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 21:14:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 21:14:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 21:14:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 21:14:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 21:14:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 21:14:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 21:14:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 21:14:01 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 21:14:01 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 21:14:00 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 21:13:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 21:13:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 21:13:59 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 21:13:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 21:13:58 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 21:13:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 21:13:56 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 21:12:24 ----A---- C:\Windows\system32\msi.dll
2014-10-15 21:12:23 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 21:12:19 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 21:12:19 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 21:12:15 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 21:12:15 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 21:12:15 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 21:12:14 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 21:12:14 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 21:12:14 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 21:12:14 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 21:12:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 21:12:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 21:12:13 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 21:12:13 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 21:12:13 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 21:12:06 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 21:12:06 ----A---- C:\Windows\system32\packager.dll
2014-10-01 16:48:51 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\ICQ-Profile
2014-10-01 16:48:51 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\ICQM
2014-10-01 16:42:39 ----RD---- C:\Program Files (x86)\Skype
2014-10-01 11:08:37 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 11:08:37 ----A---- C:\Windows\system32\qdvd.dll
2014-09-28 14:07:19 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\Skype
2014-09-24 12:16:34 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 12:16:34 ----A---- C:\Windows\system32\tzres.dll
2014-09-22 19:08:16 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\SoftGrid Client
2014-09-22 19:04:12 ----D---- C:\Program Files (x86)\Microsoft Works
2014-09-22 19:03:42 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2014-09-22 19:01:09 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-22 19:00:35 ----D---- C:\ProgramData\Microsoft Help

======List of files/folders modified in the last 1 month======

2014-10-20 20:12:32 ----D---- C:\Program Files\trend micro
2014-10-20 20:12:18 ----D---- C:\Windows\Temp
2014-10-20 19:39:11 ----D---- C:\Windows\inf
2014-10-20 19:39:11 ----AD---- C:\Windows\System32
2014-10-20 19:39:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-20 19:19:41 ----D---- C:\Windows\system32\config
2014-10-20 18:56:54 ----D---- C:\ProgramData\VeriFace
2014-10-19 22:29:06 ----D---- C:\The KMPlayer
2014-10-19 21:02:17 ----D---- C:\Windows\Prefetch
2014-10-18 20:25:10 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\uTorrent
2014-10-18 19:23:51 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-18 19:22:07 ----D---- C:\Windows\winsxs
2014-10-18 19:20:37 ----D---- C:\Program Files\Internet Explorer
2014-10-18 19:20:36 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-18 19:20:36 ----D---- C:\Windows\SysWOW64
2014-10-18 19:20:36 ----D---- C:\Windows\system32\en-US
2014-10-18 19:20:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-18 15:56:26 ----SHD---- C:\Windows\Installer
2014-10-18 10:50:43 ----RD---- C:\Program Files (x86)
2014-10-18 10:50:38 ----D---- C:\Windows\Tasks
2014-10-18 10:49:11 ----SHD---- C:\System Volume Information
2014-10-17 17:43:00 ----D---- C:\Windows\rescache
2014-10-16 18:53:56 ----D---- C:\Windows\Microsoft.NET
2014-10-16 18:53:32 ----RSD---- C:\Windows\assembly
2014-10-16 18:43:06 ----D---- C:\Windows\system32\catroot2
2014-10-16 18:39:12 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-16 18:39:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 18:39:12 ----D---- C:\Windows\system32\drivers
2014-10-16 18:39:12 ----D---- C:\Windows\system32\Dism
2014-10-16 18:39:12 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 18:39:12 ----D---- C:\Program Files\Windows Media Player
2014-10-16 18:39:12 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 18:39:11 ----SD---- C:\Windows\system32\CompatTel
2014-10-16 18:39:11 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-16 18:39:11 ----D---- C:\Windows\system32\Boot
2014-10-16 18:39:06 ----SD---- C:\Users\Eliška administrátor\AppData\Roaming\Microsoft
2014-10-16 09:52:02 ----D---- C:\Windows\system32\MRT
2014-10-16 09:41:43 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 21:12:04 ----D---- C:\Windows\system32\catroot
2014-10-04 16:20:46 ----D---- C:\Windows\system32\NDF
2014-10-01 16:42:43 ----D---- C:\ProgramData\Skype
2014-10-01 16:42:39 ----D---- C:\Program Files (x86)\Common Files
2014-09-28 22:10:07 ----A---- C:\Windows\win.ini
2014-09-25 14:02:59 ----RSD---- C:\Windows\Fonts
2014-09-22 19:08:58 ----SD---- C:\ProgramData\Microsoft
2014-09-22 19:08:58 ----D---- C:\Program Files\Microsoft Office
2014-09-22 19:08:58 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-09-22 19:08:58 ----D---- C:\Program Files (x86)\Microsoft Office
2014-09-22 19:04:01 ----D---- C:\Program Files (x86)\MSBuild
2014-09-22 19:03:37 ----D---- C:\Windows\ShellNew
2014-09-22 19:02:48 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-09-22 19:00:35 ----HD---- C:\ProgramData
2014-09-22 08:42:39 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-21 18:43:57 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fbfmon;fbfmon; C:\Windows\system32\drivers\fbfmon.sys [2012-06-14 57952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-06-14 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 NSD;NSD; C:\Windows\system32\drivers\nsd.sys [2011-12-24 24160]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-02-23 30016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 BPntDrv;BPntDrv; C:\Windows\system32\drivers\BPntDrv.sys [2012-06-14 13408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-12 283064]
R1 Nsdfltr;Nsdfltr; C:\Windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-06-14 30816]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-10 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-02-02 211496]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-03-27 14748416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-11-10 401456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-01-27 34200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-10-24 313960]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-07-12 689032]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-08 277784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-23 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-23 2458944]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-07-12 535936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S2 NSDSvc;Fast boot service of lenovo; C:\Windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-31 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 20 říj 2014 19:27

Zdravim

Tak se mu kouknem na zoubek, nebo sroubek...

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

cocinella · #3 Příspěvek od **cocinella** » 22 říj 2014 09:06

dekuji za odpoved, nasla jsem v te slozce dva logy:

# AdwCleaner v4.001 - Report created 22/10/2014 at 09:58:00
# Updated 20/10/2014 by Xplode
# Database : 2014-10-21.1
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Eliška administrátor - ELISKA
# Running from : C:\Users\Eliška administrátor\Downloads\adwcleaner_4.001.exe
# Option : Scan

***** [ Services ] *****

Service Found : IePluginServices
Service Found : WindowsMangerProtect
Service Found : {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64

***** [ Files / Folders ] *****

File Found : C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Windows\System32\\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Folder Found : C:\Program Files (x86)\trolatunt
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\Users\Eliška administrátor\AppData\Roaming\omiga-plus
Folder Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\djopiogeifmallbgfdmhfjfiliahcdop
Folder Found : C:\Windows\Util

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104
Key Found : HKCU\Software\SupHpUISoft
Key Found : [x64] HKCU\Software\SupHpUISoft
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Found : HKLM\SOFTWARE\omiga-plusSoftware
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\supWPM
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [1749 octets] - [28/06/2014 21:25:56]
AdwCleaner[R1].txt - [4782 octets] - [22/10/2014 09:58:00]
AdwCleaner[S0].txt - [1788 octets] - [28/06/2014 21:46:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4902 octets] ##########

# AdwCleaner v4.001 - Report created 22/10/2014 at 09:58:00
# Updated 20/10/2014 by Xplode
# Database : 2014-10-21.1
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Eliška administrátor - ELISKA
# Running from : C:\Users\Eliška administrátor\Downloads\adwcleaner_4.001.exe
# Option : Scan

***** [ Services ] *****

Service Found : IePluginServices
Service Found : WindowsMangerProtect
Service Found : {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64

***** [ Files / Folders ] *****

File Found : C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Windows\System32\\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Folder Found : C:\Program Files (x86)\trolatunt
Folder Found : C:\ProgramData\IePluginServices
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\Users\Eliška administrátor\AppData\Roaming\omiga-plus
Folder Found : C:\Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\djopiogeifmallbgfdmhfjfiliahcdop
Folder Found : C:\Windows\Util

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104
Key Found : HKCU\Software\SupHpUISoft
Key Found : [x64] HKCU\Software\SupHpUISoft
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Found : HKLM\SOFTWARE\omiga-plusSoftware
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\supWPM
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1405152240&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DC507104&q={searchTerms}

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [1749 octets] - [28/06/2014 21:25:56]
AdwCleaner[R1].txt - [4782 octets] - [22/10/2014 09:58:00]
AdwCleaner[S0].txt - [1788 octets] - [28/06/2014 21:46:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4902 octets] ##########

#4 Příspěvek od **Márty84** » 22 říj 2014 09:43

Poslala jste ale dvakrat ten samy log

Nechala jste nalezy i smazat?

cocinella · #5 Příspěvek od **cocinella** » 22 říj 2014 11:08

ach tak, v te slozce C:\AdwCleaner\AdwCleaner [S?].txt byly 4 logy a nevedela jsem, ktery chcete

po skonceni scanu jsem klikla na clean a ntb se zrestartoval

#6 Příspěvek od **Márty84** » 22 říj 2014 11:44

OK

Tak jdeme dal.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

cocinella · #7 Příspěvek od **cocinella** » 22 říj 2014 14:03

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.10.2014
Čas skenování: 13:29:28
Protokol: log.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.10.22.04
Databáze rootkitů: v2014.10.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: EliA!ka administrA!tor

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 550120
Uplynulý čas: 1 hod, 32 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 1
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-2994029813-3913644161-4273365563-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, , [7d3f38df89f350e67cbebfb3d430d62a],

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 11
PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, , [d8e4bb5c4d2f7db95789650622dfbd43],
PUP.Optional.WPM.A, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [c1fb3ed9225a59dd4fc8dbc405fc05fb],
PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Users\EliA!ka administrA!tor\AppData\Roaming\omiga-plus\UninstallManager.exe.vir, , [a11bb166116bf2449dcf3a6136cbb44c],
PUP.Optional.Somoto, C:\Users\EliA!ka administrA!tor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6O0V0J19\setup[1].exe, , [b705f720126abe78ddc8a16a4db8d22e],
PUP.Optional.Somoto, C:\Users\EliA!ka administrA!tor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IM2MULIA\BiTool[1].dll, , [3a8234e3770578be5f5bc2ae0df5f60a],
PUP.Optional.Trolatunt.A, C:\Users\EliA!ka administrA!tor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UKSOUJV4\Setup[1].exe, , [cfedbf58a8d40432f6ec9cb779879769],
PUP.Optional.Somoto, C:\Users\EliA!ka administrA!tor\AppData\Local\Temp\bitool.dll, , [2d8f8a8d8af2c86ebefcfd73fe04f60a],
PUP.Optional.Trolotunt.A, C:\Users\EliA!ka administrA!tor\AppData\Local\Temp\trolatuntSetup.exe, , [e8d49e798eee23138dbb966f10f5ec14],
PUP.Optional.SearchHijacker.A, C:\Users\EliA!ka administrA!tor\AppData\Local\Temp\smt_omiga-plus_new.exe, , [6d4f2aed0f6dae8878bd71336d947d83],
PUP.Optional.OpenCandy, C:\Users\EliA!ka administrA!tor\Downloads\DTLite4491-0356.exe, , [516b888f4a3283b3300f2b23739227d9],
PUP.Optional.OpenCandy, C:\Users\EliA!ka bez oprA!vnÄ?nA\Downloads\DTLite-setup.exe, , [1ca01dfa88f456e04ef1e36b7c89a45c],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#8 Příspěvek od **Márty84** » 22 říj 2014 14:07

Vsechny nalezy hodte do karanteny, pak MBAM odinstalujte.

Dejte novy log z RSIT.

cocinella · #9 Příspěvek od **cocinella** » 22 říj 2014 14:13

Logfile of random's system information tool 1.10 (written by random/random)
Run by Eliška administrátor at 2014-10-22 15:12:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 783 GB (86%) free of 908 GB
Total RAM: 8055 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:13:07, on 22.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Lenovo\Nsd\startupSupport.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe
C:\Program Files\trend micro\Eliška administrátor.exe
C:\Windows\SysWOW64\RunDll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [CAPOSD] C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [icq] C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2994029813-3913644161-4273365563-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2994029813-3913644161-4273365563-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Fast boot service of lenovo (NSDSvc) - Unknown owner - C:\Windows\System32\NSDSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12731 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 32943568
\??\C:\Windows\system32\conhost.exe "-3551484916994969781185106311932222524-210681997313129072617481817091638659626
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {685F8289-FAF9-4487-90A1-C8230BC874DA}
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Lenovo\Nsd\startup.exe"
"C:\Program Files\Lenovo\Nsd\startupSupport.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {B2DE2FC7-E968-48FC-B104-772BF373B805}
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe"
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe"
"C:\Windows\system32\igfxtray.exe"
"C:\Windows\system32\hkcmd.exe"
"C:\Windows\system32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Users\Eliška administrátor\Downloads\RSITx64 (1).exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-27 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-27 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-03-31 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-03-31 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-03-31 439064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-11-10 2847016]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2011-11-10 408872]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-06-14 789856]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-06-14 8079408]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-06-14 6202416]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-06-14 206176]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"icq"=C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe [2014-10-01 35239432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"Lenovo EasyCamera_Monitor"=C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [2012-02-06 258936]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-06-01 506712]
"MuteSync"=C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [2012-02-04 343040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2012-01-26 4351712]
"Intelligent Touchpad"=C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [2011-12-08 291272]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-27 222504]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-06-14 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-14 222504]
"CAPOSD"=C:\PROGRA~2\Lenovo\LENOVO~3\CAPOSD.exe [2012-02-09 1876992]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-27 434688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-22 13:27:52 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-10-22 13:27:35 ----D---- C:\ProgramData\Malwarebytes
2014-10-22 13:27:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-22 13:27:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-10-22 13:27:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-10-22 13:27:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-10-20 20:12:31 ----D---- C:\rsit
2014-10-15 21:15:06 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 21:15:06 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 21:15:05 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 21:15:05 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 21:15:05 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 21:15:05 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 21:15:05 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 21:14:57 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 21:14:57 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 21:14:57 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 21:14:55 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 21:14:54 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 21:14:54 ----A---- C:\Windows\system32\mf.dll
2014-10-15 21:14:53 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 21:14:53 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 21:14:52 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 21:14:51 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 21:14:46 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 21:14:45 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 21:14:45 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 21:14:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 21:14:45 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 21:14:45 ----A---- C:\Windows\system32\ci.dll
2014-10-15 21:14:45 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 21:14:44 ----A---- C:\Windows\system32\winload.exe
2014-10-15 21:14:44 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 21:14:43 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 21:14:41 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 21:14:40 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 21:14:39 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 21:14:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 21:14:38 ----A---- C:\Windows\system32\evr.dll
2014-10-15 21:14:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 21:14:36 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 21:14:35 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 21:14:33 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 21:14:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 21:14:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 21:14:31 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 21:14:31 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 21:14:30 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 21:14:30 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 21:14:29 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 21:14:29 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 21:14:29 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 21:14:28 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 21:14:28 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 21:14:28 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 21:14:28 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 21:14:28 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 21:14:28 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 21:14:27 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 21:14:27 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 21:14:27 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 21:14:27 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 21:14:26 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 21:14:26 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 21:14:25 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 21:14:25 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 21:14:25 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 21:14:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 21:14:08 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 21:14:08 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 21:14:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 21:14:06 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 21:14:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 21:14:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 21:14:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 21:14:05 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 21:14:04 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 21:14:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 21:14:03 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 21:14:03 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 21:14:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 21:14:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 21:14:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 21:14:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 21:14:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 21:14:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 21:14:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 21:14:01 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 21:14:01 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 21:14:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 21:14:00 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 21:13:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 21:13:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 21:13:59 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 21:13:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 21:13:58 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 21:13:58 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 21:13:57 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 21:13:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 21:13:56 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 21:12:24 ----A---- C:\Windows\system32\msi.dll
2014-10-15 21:12:23 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 21:12:19 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 21:12:19 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 21:12:15 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 21:12:15 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 21:12:15 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 21:12:14 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 21:12:14 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 21:12:14 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 21:12:14 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 21:12:14 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 21:12:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 21:12:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 21:12:13 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 21:12:13 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 21:12:13 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 21:12:06 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 21:12:06 ----A---- C:\Windows\system32\packager.dll
2014-10-01 16:48:51 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\ICQ-Profile
2014-10-01 16:48:51 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\ICQM
2014-10-01 16:42:39 ----RD---- C:\Program Files (x86)\Skype
2014-10-01 11:08:37 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 11:08:37 ----A---- C:\Windows\system32\qdvd.dll
2014-09-28 14:07:19 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\Skype
2014-09-24 12:16:34 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-24 12:16:34 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2014-10-22 15:13:07 ----D---- C:\Windows\Prefetch
2014-10-22 15:12:58 ----D---- C:\Program Files\trend micro
2014-10-22 15:12:57 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-22 15:12:53 ----D---- C:\Windows\Temp
2014-10-22 15:12:00 ----D---- C:\ProgramData\VeriFace
2014-10-22 15:11:17 ----D---- C:\Windows\system32\config
2014-10-22 15:10:29 ----D---- C:\Windows\system32\drivers
2014-10-22 15:10:29 ----D---- C:\Windows\system
2014-10-22 15:09:46 ----D---- C:\Users\Eliška administrátor\AppData\Roaming\uTorrent
2014-10-22 13:30:27 ----D---- C:\The KMPlayer
2014-10-22 13:27:35 ----RD---- C:\Program Files (x86)
2014-10-22 13:27:35 ----HD---- C:\ProgramData
2014-10-22 13:08:34 ----D---- C:\Windows\rescache
2014-10-22 13:00:02 ----SHD---- C:\System Volume Information
2014-10-22 09:59:32 ----D---- C:\AdwCleaner
2014-10-22 09:59:30 ----AD---- C:\Windows
2014-10-22 09:59:16 ----D---- C:\Windows\inf
2014-10-22 09:59:16 ----AD---- C:\Windows\System32
2014-10-22 09:59:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-18 19:22:07 ----D---- C:\Windows\winsxs
2014-10-18 19:20:37 ----D---- C:\Program Files\Internet Explorer
2014-10-18 19:20:36 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-18 19:20:36 ----D---- C:\Windows\SysWOW64
2014-10-18 19:20:36 ----D---- C:\Windows\system32\en-US
2014-10-18 19:20:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-18 15:56:26 ----SHD---- C:\Windows\Installer
2014-10-18 10:50:38 ----D---- C:\Windows\Tasks
2014-10-16 18:53:56 ----D---- C:\Windows\Microsoft.NET
2014-10-16 18:53:32 ----RSD---- C:\Windows\assembly
2014-10-16 18:43:06 ----D---- C:\Windows\system32\catroot2
2014-10-16 18:39:12 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-16 18:39:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 18:39:12 ----D---- C:\Windows\system32\Dism
2014-10-16 18:39:12 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 18:39:12 ----D---- C:\Program Files\Windows Media Player
2014-10-16 18:39:12 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 18:39:11 ----SD---- C:\Windows\system32\CompatTel
2014-10-16 18:39:11 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-16 18:39:11 ----D---- C:\Windows\system32\Boot
2014-10-16 18:39:06 ----SD---- C:\Users\Eliška administrátor\AppData\Roaming\Microsoft
2014-10-16 09:56:05 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 09:52:02 ----D---- C:\Windows\system32\MRT
2014-10-16 09:41:43 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 21:12:04 ----D---- C:\Windows\system32\catroot
2014-10-04 16:20:46 ----D---- C:\Windows\system32\NDF
2014-10-01 16:42:43 ----D---- C:\ProgramData\Skype
2014-10-01 16:42:39 ----D---- C:\Program Files (x86)\Common Files
2014-09-28 22:10:07 ----A---- C:\Windows\win.ini
2014-09-25 14:02:59 ----RSD---- C:\Windows\Fonts
2014-09-25 14:02:27 ----D---- C:\Program Files (x86)\Microsoft Works

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fbfmon;fbfmon; C:\Windows\system32\drivers\fbfmon.sys [2012-06-14 57952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-06-14 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 NSD;NSD; C:\Windows\system32\drivers\nsd.sys [2011-12-24 24160]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-02-23 30016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 BPntDrv;BPntDrv; C:\Windows\system32\drivers\BPntDrv.sys [2012-06-14 13408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-12 283064]
R1 Nsdfltr;Nsdfltr; C:\Windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-06-14 30816]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-10 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-02-02 211496]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-03-27 14748416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-10-22 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-11-10 401456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-01-27 34200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2011-10-24 313960]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-08 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-08 277784]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-23 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-23 2458944]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
R3 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S2 NSDSvc;Fast boot service of lenovo; C:\Windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-31 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#10 Příspěvek od **Márty84** » 22 říj 2014 14:17

V logu jeste MBAM je, tak ho nezapomente odinstalovat, jinak muze dochazet ke konfliktum s MSE

Jeste jeden sken si dame a budem mazat.

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

cocinella · #11 Příspěvek od **cocinella** » 22 říj 2014 15:12

extras:
OTL Extras logfile created on: 22.10.2014 15:24:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eliška administrátor\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,87 Gb Total Physical Memory | 4,60 Gb Available Physical Memory | 58,47% Memory free
15,73 Gb Paging File | 11,95 Gb Available in Paging File | 75,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,32 Gb Total Space | 764,66 Gb Free Space | 86,27% Space Free | Partition Type: NTFS
Drive D: | 25,47 Gb Total Space | 20,20 Gb Free Space | 79,29% Space Free | Partition Type: NTFS

Computer Name: ELISKA | User Name: Eliška administrátor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003EFA77-FE1E-4D8D-BA56-334E00B23EB7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{10C7A885-F66F-4D14-BFED-3A6EBCEEBFA1}" = rport=138 | protocol=17 | dir=out | app=system |
"{1FF8DDEF-6981-42AD-9808-7A1D29D36501}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{301FE115-EC2F-4CAD-B746-9F3B6A312F68}" = lport=138 | protocol=17 | dir=in | app=system |
"{33408104-8CA8-457B-ACE2-6EE7BDA976C2}" = rport=445 | protocol=6 | dir=out | app=system |
"{4FDA7EB8-49F0-47E4-A23C-5B54BE21BA24}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5BBF1C92-E66B-4EA2-91BA-1327E886600E}" = rport=139 | protocol=6 | dir=out | app=system |
"{6136F2DF-C057-46AF-A1E4-E35559218425}" = lport=10243 | protocol=6 | dir=in | app=system |
"{614958A5-7243-4A62-A126-0ADC7A667C77}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6AAA0200-1DED-487C-9BB6-C2C25F440B40}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7CF477CD-CAD4-497D-83F6-9321135115D0}" = lport=137 | protocol=17 | dir=in | app=system |
"{7F551554-9398-4860-BFB1-044E81898269}" = lport=139 | protocol=6 | dir=in | app=system |
"{86FCCC75-6CC3-4CF2-B7C8-8DB3503B321B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91746353-36F2-436A-9FF9-5F32850D0E30}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4548AD4-8B72-488F-A927-3F9F38D61761}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BAB0B3DA-CF29-4BA5-9483-C32AD3029E38}" = lport=445 | protocol=6 | dir=in | app=system |
"{BD1579C8-E5A2-4B24-B5AE-90FEFA402AD4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C14A66F6-3B17-474D-B991-6FADFA95507D}" = rport=137 | protocol=17 | dir=out | app=system |
"{C35D5E66-5836-4342-B8AB-D71B404D35D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5EC97AE-935E-4E4B-8578-3E74F8353774}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDB8DE6D-1833-4D43-8E60-B89BC9B93B22}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE20C886-C437-46A7-8706-935A363B1CA2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E346DE07-8367-43B6-BD9E-918EFBC6C4D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E7F488B6-C9ED-4244-80FF-E537901CA0FE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ED30AB72-7CDC-434C-9BC1-3F11DACA8284}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F275C482-108E-403B-8BD3-12497330724B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F868AE43-2862-4F2C-9B76-AA770F54B17A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08B30391-10D8-4F14-A1E1-32F7EFE5FCC8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0BB886A8-608E-4977-9230-CAE8BC46A4F0}" = protocol=17 | dir=in | app=c:\users\eliška bez oprávnění\appdata\roaming\utorrent\utorrent.exe |
"{24E6CE80-C0EC-4E71-AF81-0F0CE91AB6E6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2D4E7BB0-D589-41A9-B1A6-29CCDDF82671}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2DA22046-08CF-42F1-BC08-EAC15E331B17}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2EA7F8BD-3922-4C40-A12C-F01DDFE498A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3720EB35-0B30-487F-BAA6-D62668448877}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{38FD95FC-BCB9-4278-B285-54BF0127D314}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{3AAE4A1F-E829-4F71-9D65-5C3B0D71FCD2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{40751187-FDC5-4413-9F14-23F2454BD95D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{49BE7B64-351A-4603-821F-9A20F4CD4E4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4FB25ECA-1566-4150-B648-2CC018E61542}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5129C889-94DF-473C-8881-3B24712CF5BC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6E6B7293-ECA7-430A-ACDC-A753693041E5}" = protocol=6 | dir=out | app=system |
"{75782BDA-749A-42FF-BB95-B2AFCFE03AA7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7DF28D11-1EA1-4BC3-99C7-EF39FE62FC32}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{815457C9-2285-4CA3-8B8F-509AFCAF168F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{81FC14E1-C735-4329-9A3B-61A13AA7466C}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{82BFE851-C6AC-4DAD-B9F5-273F2A774B55}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8C88049C-F490-4E12-8957-F330AC5A6FD0}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{91237F2B-12F2-437C-BB48-093F1588F8D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{923FAAC4-26ED-4D3E-BCD5-7DB2375CF63E}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{94047FAC-04A7-4D43-8980-AD5F75D1AF4B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E17AB4E-76A8-4EED-B4B0-8BACF0AE24B8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A567741D-88D1-4B3C-B377-12B6D9533FD8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{ADBA1660-714A-45DA-812D-7831C8A103DF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B072F090-4731-4CEE-9E73-936D2FC49513}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C38171BA-5547-455E-B6C1-5383F692BA82}" = dir=in | app=c:\program files (x86)\skypewebplugin\3.1.15602.22612\skypewebplugin.exe |
"{CDA04017-5B5B-4508-93D1-9FCCEF1CD637}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D51AB094-8ADB-4005-9325-99142C549C2D}" = protocol=6 | dir=in | app=c:\users\eliška bez oprávnění\appdata\roaming\utorrent\utorrent.exe |
"{D9474396-1582-4638-AAEF-BCCFE6878CCC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DC876377-5B3C-48D0-AD06-2E06CF5F3310}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DF9F7BF7-BD2C-436F-8AB5-334179EFF1F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F91EE537-7AE1-43ED-B302-B6F9AA99E1CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{31596641-58AC-41B0-836B-4389F240BD66}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{44078861-B5C1-404E-8AB2-DB13B03B2196}C:\users\eliška bez oprávnění\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\eliška bez oprávnění\downloads\utorrent.exe |
"TCP Query User{70E4718E-B633-4CC3-9403-14A6353C2C48}C:\users\eliška administrátor\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\eliška administrátor\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{79D5C5EC-2AA4-4D3E-9A8C-3C050C8325CA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{F58D4D1A-5BF2-48D4-873A-016716A7C807}C:\users\eliška bez oprávnění\appdata\roaming\icq\application\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\users\eliška bez oprávnění\appdata\roaming\icq\application\icq7m\icq.exe |
"UDP Query User{1B499C9F-23FD-4C58-AEEF-D86D6A18F0E7}C:\users\eliška bez oprávnění\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\eliška bez oprávnění\downloads\utorrent.exe |
"UDP Query User{22B26C80-D459-4FEA-B566-795E8102DFB2}C:\users\eliška bez oprávnění\appdata\roaming\icq\application\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\users\eliška bez oprávnění\appdata\roaming\icq\application\icq7m\icq.exe |
"UDP Query User{4D76A13E-54D9-4268-9917-18EF74EB6579}C:\users\eliška administrátor\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\eliška administrátor\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{A3D5597D-78CA-4D74-B911-228C7E54EDEC}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{C387FADA-089E-40F1-A916-4E8C6BCB9A07}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8068ACF9-B398-4C14-BEF6-817F12024707}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 295.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 295.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.1111
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi Software
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"99841829BE839365AA67B2AD0E50D371F59F8A1E" = Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1)
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 5.10 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01db25f3-1b76-4d97-88c8-1c90634d88fb}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{16D5D9E9-C8DE-4014-A09C-B9B5ABA0F7FA}" = Lenovo MuteSync
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False
"{19B0831B-0C18-4103-86E4-90FCD04CD3B9}" = System Requirements Lab CYRI
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2af972c7-13b0-4978-92a8-fee26a4fb4e9}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}" = Nsd
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{48DB5914-8772-472D-B8DF-E2092BE598F6}" = Adobe Flash Player 10 ActiveX
"{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{615bc16d-60f5-482e-91b3-b51d8130963b}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}" = Skype Web Plugin
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False
"{6c95b50e-cb5a-4a1f-a7b4-8a6004f8dd6a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False
"{6C9C70B9-4FDC-4D47-915B-84C4CE91C704}_is1" = Recolored 1.1.0
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859CFAD7-D1FA-4995-AA12-B167CB67DCE4}" = Mechanika
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"{DCB46B42-723F-350E-B18A-449BC6C21636}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{f0080ca2-80ae-4958-b6eb-e8fa916d744a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}" = Intelligent Touchpad
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{48F851E7-DD0C-4A35-AD7A-57878023E987}" = Lenovo CAPOSD
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Origin" = Origin
"Rust Klient pro www.rusted.cz 1.5.1" = Rust Klient pro www.rusted.cz 1.5.1
"SugarSync" = SugarSync Manager
"Sunplus SPUVCb" = Lenovo EasyCamera
"The KMPlayer" = The KMPlayer (remove only)
"VeriFace" = VeriFace
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2994029813-3913644161-4273365563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ICQ" = ICQ 8.2 (verze 7138)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1.10.2014 5:01:07 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---NlaSvc failed with 0, The Code is:0x710.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---SecondWait2 failed with 74038, The Code
is:0x589.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---MsMpSvc failed with 74038, The Code is:0x598.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---MsMpSvc failed with 74038, The Code is:0x599.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---WindowsMangerProtect failed with 74038,
The Code is:0x598.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---WindowsMangerProtect failed with 74038,
The Code is:0x599.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---IePluginServices failed with 74038, The
Code is:0x598.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---IePluginServices failed with 74038, The
Code is:0x599.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---SkypeUpdate failed with 74038, The Code
is:0x598.).

Error - 1.10.2014 5:01:22 | Computer Name = Eliška | Source = NSDSvc | ID = 131328
Description = An error has occurred (---SkypeUpdate failed with 74038, The Code
is:0x599.).

[ System Events ]
Error - 28.9.2014 4:30:58 | Computer Name = Eliška | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 28.9.2014 13:35:56 | Computer Name = Eliška | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 29.9.2014 14:05:27 | Computer Name = Eliška | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 1.10.2014 5:01:37 | Computer Name = Eliška | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby NVIDIA Update Service Daemon bylo dosaženo
časového limitu (30000 ms).

Error - 1.10.2014 5:01:37 | Computer Name = Eliška | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 1.10.2014 5:03:03 | Computer Name = Eliška | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 1.10.2014 11:02:34 | Computer Name = Eliška | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 4.10.2014 10:03:30 | Computer Name = Eliška | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 4.10.2014 10:16:45 | Computer Name = Eliška | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.185.2078.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu:
1.1.11005.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi
naleznete v nápovědě a podpoře.

Error - 5.10.2014 15:58:25 | Computer Name = Eliška | Source = Service Control Manager | ID = 7043
Description = Služba Windows Update se po přijetí pokynu pro vypnutí neukončila
správně.

< End of report >

cocinella · #12 Příspěvek od **cocinella** » 22 říj 2014 15:13

OTL logfile created on: 22.10.2014 15:24:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eliška administrátor\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,87 Gb Total Physical Memory | 4,60 Gb Available Physical Memory | 58,47% Memory free
15,73 Gb Paging File | 11,95 Gb Available in Paging File | 75,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 886,32 Gb Total Space | 764,66 Gb Free Space | 86,27% Space Free | Partition Type: NTFS
Drive D: | 25,47 Gb Total Space | 20,20 Gb Free Space | 79,29% Space Free | Partition Type: NTFS

Computer Name: ELISKA | User Name: Eliška administrátor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.10.22 15:23:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eliška administrátor\Downloads\OTL.exe
PRC - [2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.06.14 07:06:07 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2012.06.14 07:04:13 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
PRC - [2012.03.27 10:14:28 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.02.23 05:24:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.09 07:40:12 | 001,876,992 | ---- | M] (LENOVO) -- C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
PRC - [2012.02.08 04:03:36 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.08 04:03:34 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.08 04:03:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.02.08 04:03:16 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.02.06 04:38:00 | 000,258,936 | ---- | M] () -- C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
PRC - [2011.12.08 20:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
PRC - [2011.06.06 21:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.01.29 08:29:36 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

========== Modules (No Company Name) ==========

MOD - [2014.10.16 09:58:45 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014.10.16 09:58:35 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014.10.16 09:58:26 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014.10.16 09:58:24 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014.10.16 09:58:22 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014.10.16 09:58:20 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014.10.16 09:58:16 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014.10.16 09:58:15 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014.10.16 09:58:09 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014.10.16 09:58:09 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014.10.16 09:58:08 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014.10.10 04:04:04 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
MOD - [2014.10.10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014.10.10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014.10.10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014.10.10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014.07.10 17:20:09 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014.07.10 14:19:14 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2012.06.14 07:06:07 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2012.06.14 07:04:13 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
MOD - [2012.02.06 04:38:00 | 000,258,936 | ---- | M] () -- C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
MOD - [2011.12.08 20:12:40 | 000,291,272 | ---- | M] () -- C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MOD - [2011.06.28 08:28:38 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
MOD - [2011.06.02 22:58:18 | 000,132,448 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2011.06.02 22:57:44 | 000,161,120 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014.09.19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.08.22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014.08.22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.02.03 07:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012.02.02 03:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011.12.24 03:51:22 | 000,120,160 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Windows\SysNative\NSDSvc.exe -- (NSDSvc)
SRV:64bit: - [2011.12.08 19:44:04 | 000,594,704 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2011.12.08 19:43:56 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.12.08 19:43:48 | 000,618,256 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.12.08 19:43:44 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014.04.03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.03.31 00:43:36 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.02.23 05:24:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.08 04:03:36 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.08 04:03:34 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.08 04:03:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.02.08 04:03:16 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.06.06 21:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.07.17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014.07.12 10:02:05 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.06.14 07:09:53 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2012.06.14 07:09:53 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2012.06.14 07:09:19 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012.06.14 07:09:19 | 000,030,816 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2012.06.14 06:17:29 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.03.27 10:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.03.27 10:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.03.27 10:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.27 04:09:56 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.02.23 05:24:00 | 000,030,016 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.02.02 05:07:18 | 000,615,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012.02.02 05:07:18 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012.02.02 05:07:12 | 000,211,496 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012.02.02 05:07:12 | 000,184,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012.02.02 05:07:12 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2012.02.02 05:07:12 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012.01.27 03:37:24 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.01.27 03:37:24 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.12.24 02:45:50 | 000,024,160 | ---- | M] (Lenovo Corporation") [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nsd.sys -- (NSD)
DRV:64bit: - [2011.12.22 06:57:42 | 000,059,488 | ---- | M] (Lenovo Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Nsdfltr.sys -- (Nsdfltr)
DRV:64bit: - [2011.12.06 13:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.12.02 07:51:00 | 011,417,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.11.30 04:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.11.10 14:40:26 | 000,401,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.11.10 11:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.10.24 09:47:28 | 000,313,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011.10.10 09:56:15 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.10 09:56:15 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.08.23 15:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.29 08:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.23 09:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.21 23:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7LENN
IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin: C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll (Skype)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin: C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll (Skype)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: IntelÂ® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: IntelÂ® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Windows LiveÂ™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: No name found = C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.6_0\
CHR - Extension: No name found = C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [CAPOSD] C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe (LENOVO)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe ()
O4 - HKLM..\Run: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe ()
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe (Lenovo)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1000..\Run: [Power2GoExpress] NA File not found
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001..\Run: [icq] C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.105.46.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DA14164-EB94-4E7A-AD40-16B7565759DC}: DhcpNameServer = 109.105.46.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6681272D-E054-47FC-A31B-ADE899277769}: DhcpNameServer = 61.13.0.10 61.13.0.99
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4974e065-0999-11e4-8db1-446d57860add}\Shell - "" = AutoRun
O33 - MountPoints2\{4974e065-0999-11e4-8db1-446d57860add}\Shell\AutoRun\command - "" = G:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.10.22 13:27:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.10.22 13:27:19 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Local\Programs
[2014.10.20 20:12:31 | 000,000,000 | ---D | C] -- C:\rsit
[2014.10.15 21:15:06 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014.10.15 21:15:05 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014.10.15 21:15:05 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014.10.15 21:15:05 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014.10.15 21:15:05 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014.10.15 21:15:05 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014.10.15 21:14:57 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2014.10.15 21:14:57 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2014.10.15 21:14:57 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2014.10.15 21:14:55 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2014.10.15 21:14:54 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014.10.15 21:14:54 | 004,120,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014.10.15 21:14:53 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2014.10.15 21:14:53 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2014.10.15 21:14:52 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014.10.15 21:14:51 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014.10.15 21:14:46 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2014.10.15 21:14:45 | 003,208,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014.10.15 21:14:45 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014.10.15 21:14:45 | 000,616,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014.10.15 21:14:45 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2014.10.15 21:14:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014.10.15 21:14:45 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014.10.15 21:14:45 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2014.10.15 21:14:44 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014.10.15 21:14:44 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014.10.15 21:14:43 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014.10.15 21:14:39 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014.10.15 21:14:38 | 005,551,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.10.15 21:14:38 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2014.10.15 21:14:37 | 003,970,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.10.15 21:14:36 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014.10.15 21:14:35 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014.10.15 21:14:31 | 003,914,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.10.15 21:14:31 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2014.10.15 21:14:31 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014.10.15 21:14:30 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014.10.15 21:14:30 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2014.10.15 21:14:30 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014.10.15 21:14:30 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2014.10.15 21:14:30 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2014.10.15 21:14:30 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2014.10.15 21:14:29 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2014.10.15 21:14:28 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2014.10.15 21:14:28 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2014.10.15 21:14:28 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2014.10.15 21:14:28 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014.10.15 21:14:28 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2014.10.15 21:14:28 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014.10.15 21:14:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2014.10.15 21:14:27 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014.10.15 21:14:27 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2014.10.15 21:14:27 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2014.10.15 21:14:27 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2014.10.15 21:14:26 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2014.10.15 21:14:26 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2014.10.15 21:14:25 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014.10.15 21:14:25 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014.10.15 21:14:25 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2014.10.15 21:14:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014.10.15 21:14:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2014.10.15 21:14:25 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2014.10.15 21:14:25 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2014.10.15 21:14:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2014.10.15 21:14:25 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2014.10.15 21:14:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2014.10.15 21:14:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2014.10.15 21:14:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2014.10.15 21:14:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2014.10.15 21:14:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2014.10.15 21:14:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2014.10.15 21:14:08 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.10.15 21:14:08 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014.10.15 21:14:06 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.10.15 21:14:06 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.10.15 21:14:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.10.15 21:14:06 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.10.15 21:14:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.10.15 21:14:05 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.10.15 21:14:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.10.15 21:14:05 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.10.15 21:14:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.10.15 21:14:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.10.15 21:14:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.10.15 21:14:03 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.10.15 21:14:02 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.10.15 21:14:02 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.10.15 21:14:01 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.10.15 21:14:01 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.10.15 21:14:01 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.10.15 21:14:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.10.15 21:14:00 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.10.15 21:14:00 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.10.15 21:14:00 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.10.15 21:14:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.10.15 21:13:59 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.10.15 21:13:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.10.15 21:13:58 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.10.15 21:13:58 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.10.15 21:13:58 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.10.15 21:13:58 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.10.15 21:13:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.10.15 21:13:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.10.15 21:13:57 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.10.15 21:13:57 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.10.15 21:13:57 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.10.15 21:13:57 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.10.15 21:13:57 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.10.15 21:13:56 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.10.15 21:12:24 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.10.15 21:12:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014.10.15 21:12:19 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014.10.15 21:12:15 | 003,722,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014.10.15 21:12:15 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014.10.15 21:12:15 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014.10.15 21:12:14 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014.10.15 21:12:14 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.10.15 21:12:14 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014.10.15 21:12:14 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014.10.15 21:12:14 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014.10.15 21:12:06 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.10.15 21:12:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.10.15 10:05:10 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\Desktop\kovy
[2014.10.15 09:59:35 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\Desktop\pandy
[2014.10.04 16:20:41 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Local\Diagnostics
[2014.10.03 13:21:08 | 000,000,000 | R--D | C] -- C:\Users\Eliška administrátor\Desktop\zastupci programu
[2014.10.03 13:20:25 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\Desktop\mishmash
[2014.10.03 13:20:00 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\Desktop\škola
[2014.10.02 19:44:58 | 000,000,000 | -HSD | C] -- C:\Users\Eliška administrátor\AppData\Local\EmieUserList
[2014.10.02 19:44:58 | 000,000,000 | -HSD | C] -- C:\Users\Eliška administrátor\AppData\Local\EmieSiteList
[2014.10.02 15:10:19 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\Documents\Youcam
[2014.10.02 15:10:17 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Local\CyberLink
[2014.10.01 16:49:20 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
[2014.10.01 16:48:51 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Roaming\ICQ-Profile
[2014.10.01 16:48:51 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Roaming\ICQM
[2014.10.01 16:42:39 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014.10.01 16:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.10.01 16:42:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.10.01 11:08:37 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014.10.01 11:08:37 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.09.28 14:07:21 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Local\Skype
[2014.09.28 14:07:19 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Roaming\Skype
[2014.09.25 14:25:44 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2014.09.22 19:08:16 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Roaming\SoftGrid Client
[2014.09.22 19:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014.09.22 19:04:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2014.09.22 19:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2014.09.22 19:01:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014.09.22 19:00:38 | 000,000,000 | ---D | C] -- C:\Users\Eliška administrátor\AppData\Local\Microsoft Help
[2014.09.22 19:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

========== Files - Modified Within 30 Days ==========

[2014.10.22 15:26:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.22 15:18:00 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.22 15:18:00 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.22 15:12:20 | 000,770,937 | ---- | M] () -- C:\Windows\SysNative\fastboot.set
[2014.10.22 15:11:11 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.10.22 15:10:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.10.22 15:10:32 | 2040,041,471 | -HS- | M] () -- C:\hiberfil.sys
[2014.10.22 14:55:58 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.10.22 09:59:16 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.10.22 09:59:16 | 000,669,116 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.10.22 09:59:16 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.10.22 09:59:16 | 000,141,744 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.10.22 09:59:16 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.10.20 19:03:35 | 000,143,352 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\10736121_860449687321737_1889424892_n.jpg
[2014.10.20 19:03:28 | 000,175,667 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\10743763_860449697321736_1114730375_n.jpg
[2014.10.18 19:52:17 | 000,073,584 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\bd02.jpg
[2014.10.17 20:22:13 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.10.16 18:41:13 | 000,427,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.10.15 20:48:57 | 001,659,973 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\p.png
[2014.10.15 20:48:38 | 000,101,739 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\1234975_10200192499998597_1503317948_n.jpg
[2014.10.10 04:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014.10.10 04:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.10.10 04:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.10.03 15:12:00 | 000,426,915 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\eyes.PNG
[2014.10.01 16:49:24 | 000,001,857 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\ICQ.lnk
[2014.10.01 16:42:39 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.09.26 00:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.09.26 00:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.09.26 00:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.09.25 14:25:44 | 000,000,986 | ---- | M] () -- C:\Users\Eliška administrátor\Desktop\µTorrent.lnk
[2014.09.25 04:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014.09.25 03:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll

========== Files Created - No Company Name ==========

[2014.10.22 15:26:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.20 18:57:25 | 000,143,352 | ---- | C] () -- C:\Users\Eliška administrátor\Desktop\10736121_860449687321737_1889424892_n.jpg
[2014.10.20 18:57:20 | 000,175,667 | ---- | C] () -- C:\Users\Eliška administrátor\Desktop\10743763_860449697321736_1114730375_n.jpg
[2014.10.18 19:52:16 | 000,073,584 | ---- | C] () -- C:\Users\Eliška administrátor\Desktop\bd02.jpg
[2014.10.18 10:50:38 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.10.18 10:50:35 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.10.15 20:48:57 | 001,659,973 | ---- | C] () -- C:\Users\Eliška administrátor\Desktop\p.png
[2014.10.15 20:48:38 | 000,101,739 | ---- | C] () -- C:\Users\Eliška administrátor\Desktop\1234975_10200192499998597_1503317948_n.jpg
[2014.10.03 15:11:59 | 000,426,915 | ---- | C] () -- C:\Users\Eliška administrátor\Desktop\eyes.PNG
[2014.10.01 16:49:24 | 000,001,857 | ---- | C] () -- C:\Users\Eliška administrátor\Desktop\ICQ.lnk
[2014.08.27 21:50:01 | 000,000,000 | -HS- | C] () -- C:\Users\Eliška administrátor\AppData\Local\LumaEmu
[2014.06.26 12:47:36 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.07.12 10:03:55 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\DAEMON Tools Lite
[2014.10.03 14:29:00 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\ICQ-Profile
[2014.10.01 16:49:14 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\ICQM
[2014.06.26 13:01:06 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Leadertech
[2014.09.22 19:08:24 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\SoftGrid Client
[2014.07.10 17:00:34 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\TP
[2014.10.22 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\uTorrent
[2014.07.10 21:15:18 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\VitySoft
[2014.08.18 21:01:24 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\DAEMON Tools Lite
[2014.08.30 10:53:40 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\ICQ
[2014.08.04 21:57:18 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\ICQ-Profile
[2014.08.04 21:57:29 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\ICQM
[2014.06.26 13:13:24 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\Leadertech
[2014.07.24 14:05:30 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\Origin
[2014.09.10 23:13:44 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\Recolored
[2014.09.21 18:43:39 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\SoftGrid Client
[2014.09.01 16:02:31 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\Teeworlds
[2014.09.09 10:40:15 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\uTorrent
[2014.06.27 21:04:24 | 000,000,000 | ---D | M] -- C:\Users\Eliška bez oprávnění\AppData\Roaming\VitySoft

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,011,848 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.10.18 10:50:35 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.10.18 10:50:38 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2014.07.07 04:06:31 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=19D511CC455C19DE1ADF60E6C39C85B6 -- C:\Windows\SysNative\cryptsvc.dll
[2014.07.07 04:06:31 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=19D511CC455C19DE1ADF60E6C39C85B6 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_d41cb8b3b175406a\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2014.07.07 03:40:07 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=623E143F2DF17C0106A9988F5D7DC878 -- C:\Windows\SysWOW64\cryptsvc.dll
[2014.07.07 03:40:07 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=623E143F2DF17C0106A9988F5D7DC878 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18526_none_77fe1d2ff917cf34\cryptsvc.dll
[2014.07.07 04:06:07 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=63A15BA9875364C4147B226CB70468B3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22736_none_d49b8778ca9af94c\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2014.07.07 03:40:42 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=90BFC30E730A6760F1FEE2A55F8AB029 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22736_none_787cebf5123d8816\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.10.10 09:52:17 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.10.10 09:52:17 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.10.10 09:52:17 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.10.10 09:52:17 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.10.10 09:52:17 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.10.10 09:52:17 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011.11.30 04:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.11.30 04:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.10.10 09:56:15 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2014.05.30 10:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2012.06.14 06:13:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.14 06:13:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2012.06.14 06:13:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2014.05.30 10:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

< MD5 for: NDIS.SYS >
[2010.12.29 12:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.12.29 12:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.10.10 09:56:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.10.10 09:56:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.10.10 09:56:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.10.10 09:56:15 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.10.10 09:56:15 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22780_none_0a9a84b9492b3ec8\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2012.06.14 06:14:06 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2011.10.10 09:51:05 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.10.10 09:55:41 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.10.10 09:51:05 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.10.10 09:52:27 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.10.10 09:52:27 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2011.10.10 09:55:41 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012.06.14 06:14:06 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bded6c2633e4d273af4e9e418d2cbfc3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bded6c2633e4d273af4e9e418d2cbfc3\*.tmp -> ]
[12 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.09.18 11:31:25 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Adobe
[2014.07.12 09:57:17 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\CyberLink
[2014.07.12 10:03:55 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\DAEMON Tools Lite
[2014.10.03 14:29:00 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\ICQ-Profile
[2014.10.01 16:49:14 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\ICQM
[2014.06.26 13:00:36 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Identities
[2014.06.26 12:46:40 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Intel
[2014.06.26 13:01:06 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Leadertech
[2014.06.26 13:03:58 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Macromedia
[2011.10.10 10:19:45 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Media Center Programs
[2014.10.16 18:39:06 | 000,000,000 | --SD | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Microsoft
[2014.10.19 22:26:47 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\Skype
[2014.09.22 19:08:24 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\SoftGrid Client
[2014.07.10 17:00:34 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\TP
[2014.10.22 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\uTorrent
[2014.07.10 21:15:18 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\VitySoft
[2014.07.12 10:21:48 | 000,000,000 | ---D | M] -- C:\Users\Eliška administrátor\AppData\Roaming\WinRAR

cocinella · #13 Příspěvek od **cocinella** » 22 říj 2014 15:13

< %APPDATA%\*.exe /s >
[2014.10.01 16:49:14 | 035,239,432 | ---- | M] (ICQ) -- C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe
[2014.10.01 16:49:16 | 035,212,808 | ---- | M] (ICQ) -- C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icqsetup.exe
[2014.10.01 16:49:14 | 004,739,616 | ---- | M] () -- C:\Users\Eliška administrátor\AppData\Roaming\ICQM\ICQ\dll\mailrusputnik.exe
[2014.07.12 10:18:43 | 000,010,134 | R--- | M] () -- C:\Users\Eliška administrátor\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2014.04.14 00:00:00 | 000,042,496 | ---- | M] () -- C:\Users\Eliška administrátor\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.14 00:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Eliška administrátor\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.10.22 15:12:57 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2014.03.04 11:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe
"icq" = C:\Users\Eliška administrátor\AppData\Roaming\ICQM\icq.exe -CU -- [2014.10.01 16:49:14 | 035,239,432 | ---- | M] (ICQ)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.22 15:26:23 | 000,000,512 | ---- | M] () MD5=584DCBE78C8CF15852AAD4BF0B80E4EE -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.07.12 10:21:49 | 000,000,658 | ---- | M] () -- \Users\Eliška administrátor\AppData\Roaming\Microsoft\Windows\Recent\The-Sims-3-Crack-1.50.lnk
[2014.07.10 21:15:20 | 000,005,592 | ---- | M] () -- \Users\Eliška administrátor\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2014.07.12 10:08:42 | 006,814,483 | ---- | M] () -- \Users\Eliška administrátor\Downloads\The-Sims-3-Crack-1.50.zip
[2014.06.27 21:04:26 | 000,005,592 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >
[2014.02.05 21:13:48 | 000,002,857 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\gonbigodpnfghidmnphnadhepmbabhij\2.2.2_0\img\keygen.gif
[2014.02.05 21:13:48 | 000,050,300 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\gonbigodpnfghidmnphnadhepmbabhij\2.2.2_0\snd\keygenEnd.mp3
[2014.02.05 21:13:48 | 000,088,544 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\gonbigodpnfghidmnphnadhepmbabhij\2.2.2_0\snd\keygenLoop.mp3
[2014.02.05 21:13:48 | 000,045,286 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\gonbigodpnfghidmnphnadhepmbabhij\2.2.2_0\snd\keygenStart.mp3

< *AntiWPA* /s >

< *loader* /s >
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011.01.29 08:30:38 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\Koan\pyloader.dll
[2011.01.29 08:29:20 | 000,015,969 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2011.01.29 08:29:20 | 000,179,296 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2011.01.29 08:29:20 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011.10.17 23:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 22:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 20:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.11 00:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014.06.10 23:11:45 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Ace32Loader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \The KMPlayer\ImLoader.dll
[2014.10.14 22:44:10 | 000,003,208 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.6_0\skin\ajax-loader.gif
[2014.10.01 16:43:01 | 000,001,980 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UKSOUJV4\AdLoader[1].htm
[2014.10.01 16:43:01 | 000,018,715 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ULQN7VD3\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014.07.24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\skin\ajax-loader.gif
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_1\skin\ajax-loader.gif
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_2\skin\ajax-loader.gif
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_3\skin\ajax-loader.gif
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_4\skin\ajax-loader.gif
[2014.08.10 13:49:30 | 000,000,121 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\59VDRUFK\tr-vidyoda.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2014.08.10 17:21:29 | 000,018,544 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GHNHBGEP\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014.08.03 15:49:21 | 000,017,912 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GHNHBGEP\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.09.14 15:54:56 | 000,001,980 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GHNHBGEP\AdLoader[1].htm
[2014.08.22 22:48:33 | 000,000,410 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTC8JT2G\preloader[2].htm
[2014.08.03 15:49:21 | 000,001,980 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S2P43MG6\AdLoader[1].htm
[2014.09.14 15:54:57 | 000,018,715 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDJB8711\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014.09.20 01:01:29 | 000,001,737 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\44T2YFRZ\loader[1].gif
[2014.07.01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.08.04 21:59:20 | 000,005,795 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2014.08.04 21:59:20 | 000,004,180 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2014.08.04 21:59:19 | 000,005,520 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 11:29:39 | 000,002,886 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2014.08.04 21:59:37 | 000,000,402 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2014.08.18 18:52:27 | 000,003,830 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\Xtraz\icq\content\rps\preloader02.swf
[2014.08.18 18:58:13 | 000,003,830 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2012.04.20 11:29:39 | 000,003,830 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Roaming\ICQ\Application\ICQ7M\Xtraz\icq\content\zoopaloola\preloader02.swf
[2014.09.22 19:04:08 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\1eeeafda1c58ef6e778ff768f9a94a6f\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.08 23:51:48 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_2e996e2009f56895.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_2bc5035c0bcbbd2f.manifest
[2014.07.08 23:51:25 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_d45b30eefae125bd.manifest
[2014.07.08 23:52:01 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_d4b5d954faa9c8f4.manifest
[2014.07.08 23:51:37 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_d4813638fad0ba99.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_739c3ae5efeaacc3.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_7738ac37eda2d0fb.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_bea92c7fd202a017.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6160a27ec4d4b679.manifest
[2014.07.08 23:51:51 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_0386218bb7efc854.manifest
[2014.07.08 23:51:11 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_a6effe40aa608f6a.manifest
[2014.07.08 23:51:17 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_8f827f758285bb26.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_8dc1cab383b1c4fb.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_d3fe253568d432af.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_d6520fd9675dc693.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_d733df4566cd366f.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_1dd6f1094baec49b.manifest
[2014.07.08 23:51:26 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_b9d1db7e42d7cef6.manifest
[2014.07.08 23:51:38 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_62df25c53193d0e7.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_343c43c2e1cba306.manifest
[2014.07.08 23:51:18 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_32e73c50e2a71596.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_38388118df3c7f76.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_2f183ce5231b2177.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_2c43d22124f17611.manifest
[2014.07.08 23:51:21 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_d4d9ffb41406de9f.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_d534a81a13cf81d6.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_d50004fe13f6737b.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_741b09ab091065a5.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_77b77afd06c889dd.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_bf27fb44eb2858f9.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_61df7143ddfa6f5b.manifest
[2014.07.08 23:51:54 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_0404f050d1158136.manifest
[2014.07.08 23:51:36 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_a76ecd05c386484c.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_90014e3a9bab7408.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_8e4099789cd77ddd.manifest
[2014.07.08 23:52:00 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_d47cf3fa81f9eb91.manifest
[2014.07.08 23:51:49 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_d6d0de9e80837f75.manifest
[2014.07.08 23:52:02 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_d7b2ae0a7ff2ef51.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_1e55bfce64d47d7d.manifest
[2014.07.08 23:51:29 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_ba50aa435bfd87d8.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_635df48a4ab989c9.manifest
[2014.07.08 23:51:34 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_34bb1287faf15be8.manifest
[2014.07.08 23:51:42 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_33660b15fbccce78.manifest
[2014.07.08 23:51:10 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_38b74fddf8623858.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_9f5264e54ecc21f2.manifest
[2014.07.08 23:51:14 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_3c8c450c45121df1.manifest
[2014.07.08 23:51:52 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_39b7da4846e8728b.manifest
[2014.07.08 23:52:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_e24e07db35fddb19.manifest
[2014.07.08 23:51:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_e2a8b04135c67e50.manifest
[2014.07.08 23:51:24 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_e2740d2535ed6ff5.manifest
[2014.07.08 23:51:45 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_818f11d22b07621f.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_852b832428bf8657.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_cc9c036c0d1f5573.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6f53796afff16bd5.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_1178f877f30c7db0.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_b4e2d52ce57d44c6.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_9d755661bda27082.manifest
[2014.07.08 23:52:02 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_9bb4a19fbece7a57.manifest
[2014.07.08 23:51:42 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_e1f0fc21a3f0e80b.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_e444e6c5a27a7bef.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_e526b631a1e9ebcb.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_2bc9c7f586cb79f7.manifest
[2014.07.08 23:51:34 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_c7c4b26a7df48452.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_70d1fcb16cb08643.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_422f1aaf1ce85862.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_40da133d1dc3caf2.manifest
[2014.07.08 23:51:19 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_462b58051a5934d2.manifest
[2014.07.08 23:51:06 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_9fd133aa67f1dad4.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_3d0b13d15e37d6d3.manifest
[2014.07.08 23:51:07 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_3a36a90d600e2b6d.manifest
[2014.07.08 23:51:50 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_e2ccd6a04f2393fb.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_e3277f064eec3732.manifest
[2014.07.08 23:51:49 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_e2f2dbea4f1328d7.manifest
[2014.07.08 23:51:40 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_820de097442d1b01.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_85aa51e941e53f39.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_cd1ad23126450e55.manifest
[2014.07.08 23:51:56 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_6fd24830191724b7.manifest
[2014.07.08 23:51:55 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_11f7c73d0c323692.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_b561a3f1fea2fda8.manifest
[2014.07.08 23:51:47 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_9df42526d6c82964.manifest
[2014.07.08 23:51:12 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_9c337064d7f43339.manifest
[2014.07.08 23:52:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_e26fcae6bd16a0ed.manifest
[2014.07.08 23:51:54 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_e4c3b58abba034d1.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_e5a584f6bb0fa4ad.manifest
[2014.07.08 23:51:29 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_2c4896ba9ff132d9.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_c843812f971a3d34.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_7150cb7685d63f25.manifest
[2014.07.08 23:51:11 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_42ade974360e1144.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_4158e20236e983d4.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_46aa26ca337eedb4.manifest
[2014.08.19 05:35:52 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_9dd39e01816788fc.manifest
[2014.08.19 05:26:54 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_9e4e6b9e9a90dc82.manifest
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.06.24 19:51:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2014.06.24 19:51:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.10 09:55:55 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.06.28 21:36:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.10 09:55:55 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.06.28 21:36:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.16 09:55:05 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.10.16 09:55:05 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.efi.mui_35ee487d
[2014.10.16 09:55:05 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.exe.mui_3bc5b827
[2014.10.16 09:55:05 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.efi.mui_f412814e
[2014.10.16 09:55:05 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.exe.mui_ff8b5358
[2014.10.16 09:55:07 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2014.10.16 09:55:07 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.efi_75834aa0
[2014.10.16 09:55:08 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.exe_75835076
[2014.10.16 09:55:08 | 000,616,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.efi_85cd069f
[2014.10.16 09:55:08 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2012.06.14 06:08:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_91de5cbe2cd52578.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.10.10 09:51:16 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.08.19 05:35:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2011.10.10 09:51:16 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.08.19 05:26:49 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_b98696ee9ca07f56.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.10 09:55:55 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.06.28 21:36:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.10 09:55:55 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.06.28 21:36:04 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.02.09 23:38:08 | 000,707,072 | ---- | M] () -- \Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\serializer.dll
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.29 09:46:40 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.04.15 03:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.15 03:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.15 03:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2014.05.13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.29 09:47:12 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.11 00:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.07.13 09:46:16 | 000,057,344 | ---- | M] () -- \Rust\rust_Data\Managed\Google.ProtocolBuffers.Serialization.dll
[2014.10.17 22:52:42 | 002,063,360 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2014.10.17 22:52:42 | 000,016,384 | ---- | M] () -- \Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2014.09.02 20:06:32 | 002,145,280 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2014.09.02 20:06:32 | 000,005,672 | ---- | M] () -- \Users\Eliška bez oprávnění\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2013.07.08 14:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.16 18:46:16 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.16 18:52:09 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014.10.16 18:43:47 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.16 18:48:11 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2014.09.12 10:14:26 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.12 10:14:26 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.16 09:58:12 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014.10.16 09:58:12 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014.07.10 17:21:20 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.07.10 17:21:20 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.09.12 18:21:21 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.09.12 18:21:21 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.16 11:14:50 | 003,638,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll
[2014.10.16 11:14:50 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll.aux
[2014.07.10 17:17:39 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.07.10 17:17:39 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.amd64
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.x86
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.06.14 06:10:18 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014.06.24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.06.14 06:10:16 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2012.06.14 06:10:12 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2012.06.14 06:10:12 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2012.06.14 06:10:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.06.14 06:10:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.06.14 06:10:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.06.14 06:10:18 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2012.06.14 06:10:19 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014.03.09 23:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014.03.17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2014.03.09 23:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.11 00:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2011.10.10 09:51:19 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.10 09:51:19 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2012.06.14 06:10:40 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2012.06.14 06:10:39 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.10.10 09:51:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.10.10 09:51:16 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014.07.02 08:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 04:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014.07.02 08:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 04:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014.07.02 08:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 04:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014.07.02 08:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 04:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014.07.02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 04:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014.07.02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 04:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2012.06.14 06:09:22 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2014.07.02 09:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.14 06:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2014.07.02 10:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.14 06:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014.07.02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 04:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014.07.02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 04:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014.07.02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 04:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014.07.02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 04:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2012.06.14 06:10:17 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 14:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014.03.17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2012.06.14 06:10:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.14 06:10:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.14 06:10:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.14 06:10:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2012.06.14 06:10:23 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014.03.09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014.03.17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

#14 Příspěvek od **Márty84** » 22 říj 2014 16:44

Napiste mi velikost adresare plochy (C:\Users\Eliška administrátor\Desktop)

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
MBAMProtector
MBAMSwissArmy
MBAMWebAccessControl
AdobeARMservice
MBAMService
MBAMScheduler
SkypeUpdate
gupdate
McAfee SiteAdvisor Service
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files (x86)\Malwarebytes Anti-Malware
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\drivers\MBAMSwissArmy.sys
C:\ProgramData\Malwarebytes
C:\Windows\system32\drivers\mwac.sys
C:\Windows\system32\drivers\mbamchameleon.sys
C:\Windows\system32\drivers\mbam.sys

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2994029813-3913644161-4273365563-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1000..\Run: [Power2GoExpress] NA File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2994029813-3913644161-4273365563-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bded6c2633e4d273af4e9e418d2cbfc3\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bded6c2633e4d273af4e9e418d2cbfc3\*.tmp -> ]
[12 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"icq"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"GrooveMonitor"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

cocinella · #15 Příspěvek od **cocinella** » 22 říj 2014 18:35

7,02 GB, pokud se spravne divam

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Eliška administrátor
->Temp folder emptied: 55277497 bytes
->Temporary Internet Files folder emptied: 77115987 bytes
->Java cache emptied: 5809828 bytes
->Google Chrome cache emptied: 481222193 bytes
->Flash cache emptied: 1159 bytes

User: Eliška bez oprávnění
->Temp folder emptied: 58100857 bytes
->Temporary Internet Files folder emptied: 209159044 bytes
->Java cache emptied: 479580 bytes
->Google Chrome cache emptied: 418162027 bytes
->Flash cache emptied: 1424 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81295612 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 771215308 bytes

Total Files Cleaned = 2 058,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Eliška administrátor
->Flash cache emptied: 0 bytes

User: Eliška bez oprávnění
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: No service named MBAMProtector was found to stop!
Service\Driver key MBAMProtector not found.
Service MBAMSwissArmy stopped successfully!
Service MBAMSwissArmy deleted successfully!
Error: No service named MBAMWebAccessControl was found to stop!
Service\Driver key MBAMWebAccessControl not found.
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Error: No service named MBAMService was found to stop!
Service\Driver key MBAMService not found.
Error: No service named MBAMScheduler was found to stop!
Service\Driver key MBAMScheduler not found.
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service McAfee SiteAdvisor Service stopped successfully!
Service McAfee SiteAdvisor Service deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
File\Folder C:\Program Files (x86)\Malwarebytes Anti-Malware not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\Windows\system32\drivers\MBAMSwissArmy.sys not found.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
File\Folder C:\Windows\system32\drivers\mwac.sys not found.
File\Folder C:\Windows\system32\drivers\mbamchameleon.sys not found.
File\Folder C:\Windows\system32\drivers\mbam.sys not found.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2994029813-3913644161-4273365563-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
File c:\progra~2\mcafee\msc\npmcsn~1.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2994029813-3913644161-4273365563-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2994029813-3913644161-4273365563-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2ED.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP68D0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP91FF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB154.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD4FC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF13E.tmp\System.Web.Entity.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF13E.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\bded6c2633e4d273af4e9e418d2cbfc3\BITF155.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\icq deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10222014_191529

Files\Folders moved on Reboot...
C:\Users\Eliška administrátor\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Eliška administrátor\AppData\Local\Temp\pptE16F.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\115C5F99.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\1B3D92DE.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2AAC2BA8.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\2F17229C.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\3627F1AE.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\4252E947.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\445099D7.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\50E77E0F.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\5B8D0C6.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\6C41B772.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\74587850.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\78B1F113.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\78B2789.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\85307221.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\868101F5.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\8A038FD.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\91F1CFF8.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\988FBCCB.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\9B6279EC.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\A77260C4.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\C182D2A0.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D78CB2DA.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\E83DFC11.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\E99EFF83.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\EF32BC5B.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\FCEF4F0A.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\FD32E9ED.wmz not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9783.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso97C2.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso97D3.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso97D4.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso97E4.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98E8.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98E9.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98F9.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98FA.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98FB.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98FC.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98FD.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso98FE.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso990F.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9910.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9911.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9912.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9913.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9914.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9915.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9916.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9927.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9937.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9938.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso9939.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso993A.tmp not found!
File\Folder C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\mso993B.tmp not found!
C:\Users\Eliška administrátor\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_4 moved successfully.
C:\Users\Eliška administrátor\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

VIRY.CZ

Preventivní kontrola

Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola

Re: Preventivní kontrola