Zdravim,prosim o kontrolu, pc si dela co chce v prohlizeci otevira sam dalsi stranky a pridava reklamy do stranek, dale i kdyz u pc treba nesedim hlasi avast treba 4 zabranene utoky, dale mi stale nachazi neoblibene rozsireni v prohlizeci ktere sice odstrani nicmene za par minut opet zpet.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Eamon at 2014-10-23 18:21:01
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (9%) free of 286 GB
Total RAM: 8156 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:21:17, on 23.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Nsasoft\RegAuditor\RegAuditor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Eamon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: cb53b500f3e90131a6091fb939dcadf40061915 - {11111111-1111-1111-1111-110611191115} - C:\Program Files (x86)\Senses\Senses-bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 10094 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss ea069708-24f2-4e68-ae6f-7967a6440214 1
\??\C:\Windows\system32\conhost.exe "-213914467519765019821884322882-363950718-1895240652461833666237364327-616408161
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1052340706-30223737488565238903289723-447904294-1512355937602753174-1087334196
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\SearchIndexer.exe /Embedding
szndesktop.exe default start
"C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1525731179403890905780763071-1684283139484592595-469018309-206718801-1754248580
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {A6310861-0A16-4C10-9195-F164D622079B}
"C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-6.exe" /rawdata=uV17CSzpBsxljWTB9IL1ZfoBYtrq95r0PMxlUipn+ZrsfXW66tqyuRXpZ2zbHCHPXNWahaTacpT8uTOZ1i5nX8qJYikiSEFijCgdfnvvjyiBgCgVgSfQKrQuRww1dl/NYjJV5gsD43fJpokWb4ziWj1gi4oE8bx9ekdqFroPSARJfx5KhHUQL3FaB+PmxDHOUwuCNLf1kGB4HKo/oDANQsRmjWnPimb+60H1ovlFd9g6ziNsjLBTBfulUYXPJbTIdFDebEP4kHW2iFNkWy5vKqQ/UukgpSuBaQzwLnKLSfk8nZ8mK41EQWDnSo/FlHz4oMfv/ri8+6BuAehKkBClwm7oIl/1HjJ6OkVuxkE21MBHUf+qySgZIIMIf6dZgdfKImeihlWY6nyGtRGG6WwdIZBE5j13mkvdr+SYLPvs7mPPF9C7XJwaKPMcqL1bGMmfJ2WA/wB4+88xBFxY0mJUu8WRSBtl/+dBZn7Qjjw9CG8bxRf8QOFwBQYi2HHm7w0dWvYMeM6ljenZHM4y5XmwAWhwLC4IBIeBxu2xVE5v+FMB8Bqu88DEiI6AZGTNzEKFEDCz4nCX0qyaYoo94UGepICYc79+Sy/WC8rK1YM4BUiksKD42cnukN6cIfnUMxDcvGDdZL58cVj8yc/ffPQmq2DRVdGRKxnk7Ny8fTNj7XsrB5a64FJgsDHTdhA4jK5jQBpTgcq7ho29vsSP6YDOMVYouIi3WzOt0aAOYXl7zqaidLOW5YUf0zYXswpaL0CYuMc/9mrZdZmjfAjHON5TP1AA4ss5lsLriNYqqWf1Ubvw9KtdEYlgUVRlEwGpvTTgeD+9PWtU87Mde2yaUGCrs5ivGqCy89+H3o/b9RrfUUvFdTr1tugd5+tYoSfPJmUTIXaq+7QUJev2ZtAnIr/7g+IsYgJDyIBaxK1D0npx8h5R29nfjY5dfgoQ/UjMqcHbRpgwUwCWhtTPMbwHIDPcU34BsJI+LfQLJg158Orkcb+sv7Mjgb4eJj5cT5NID6bTmJ1k6ojaV2YWII5y6QlSUGZ8d5x8G1NVhGGIvb/oIY4aUGr4/75Dj61nZKJDAAqbmLFHJY3v7NHkOPDfVp1ZY3lhtMyIAgMIP5jPXcVIb9v4DhAQLsFZsG0YGkqrXLxCP/8rgdakMhHRakIaZA3jqbwHSYGzGkEHzHsI/BYhIeMzNebEIp9v0K2SSB1Oqhr7uFv3W/cfMLpM3R8P1gh47jpZ4QYc9jSrys6JLl3xbXd9O7/L2e11Ur3dH1Wve1ouMWjz5UI6DR3rofa54WrxyywtGaK2CDpX5k3PN8dzQ8QxhSxh0U3Ma1Zu7Z0DLSW6mYQK8CSrVA5IphKYJzMN+prbiU6/g5T6U6+BDv1yyABb32gQ9mpCUF3udhkJQgs49RefZzo0GwEGp5plOT1Pkq4ip9eUVMskTY30plBG3PHOuLNtQr3BtLbLFQ5F4ZDazcXOIfDBk89TEkFhO2YCFHVjsAykX/MQ3O4YpJ5+KfGPpCBjXwBIjZuT8LEtOflbWSH26SxO6ZkdNyWSndeqn1He9xQ9Wqq5ReOgvVhfTDlyMV8n4mPlfyxmLzUKrZJXRdHP3+YdbqboZKQB6Nc+cd+GCzaYPSCd4HF5dcbwGwYzFM6FE2bkG3LR+eq2gmfSI3Xg2vslVFGiWFmZBGO13AVZ4lba+1rDt68hPZSeXauaklx7hbs9n2mHtd5y/asjhEP6mZCeCgSKhC4vwhNFMPoD8jKWrO7hvV+sgLoPjE8Uw3yve/ye3KltMjDIk5a5SzEH0opg6EC5swdy13CU9Sv0B2VMl+XUjhDYAwUBBdKUhmZoBlNablosEanzqdWdpPdh4aixbtul02usiUX6hAo1c8Il4azTk9n3mQ3oL2zGggYq+2MGKcsGtG1e1xMY1axeRu8NTRJ1XfabCkMD/9DQ0jd39jZQUgzTNu+7qrqBmsxHDw8eo3T26RYT1mmpV22ID1p4DjTpTIWZ5849r4cELeXNLbzHGknYx5Q/BVYI7QIvHq+s6VEG5KR+DFHg
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Nsasoft\RegAuditor\RegAuditor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4808.0.1163617193\1722964286" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,44 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4411 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Unused_2/PasswordGeneration/Disabled/PasswordManagerUI/Bubble/Prerender/Prerender15minTTL/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_86/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --channel="4808.4.823038962\254295757" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4808.5.1354839408\493382521" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Eamon\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job - C:\Program Files (x86)\Senses\Senses-codedownloader.exe /rawdata=cC/1FM2SL3eO0MQpuHljhymBzdpoV92KDuyVfrNjtqslGPdW2ykvFVbOs/CMHjAL0kNONPcWSTRtO82NGTnLKWjFHB3/XnybEG7BGKJF9bMug4iucMixqd2Hm0PxF2699UEbIbl06NFEGEl8h7KKfBSPEwcCH+kqGBAf6PArIxwwI39s/y4AnnryQVgmaDTt2i6676lcZHsUGDCa8m7fhfdxMooh4/VzpXFfX9bW2MfbXTA8iSLs5LRseHuPHgzN6bNQ/do+YUNS8kD0WG1mFoubrXx2FU5Co2+eNEMg3EfVVZonzxU4eI1yF1SCTrEZJFwCp1jvOYW6I9ZS8sDafW7i10J7qUHLveot+LVaK1JJGC56t4DTpYveKFLP60Vg/haxoyjkH7TEzcV3pOHW6WEkMJvr137eJ2aybQOG8nFzxR+riPsxDJpeC0SWbZN0CP+wfDl1FqwurpkV4/txzhAMIP7L0TlPzyFF9abjZVki/0HbxaAbAYrf2srev/v/hvxeUBgXBDodAvB6yu40aTBj51IYEEzCSHjVqlr7EFkPcc48TBuK03ZT4t8AXhMNxNV+vG1TPhswnFBX88zj/iDSwd5+VwZj2OF/KAvD8Y0OnDtss60O7FTfxvTpdZh+JJ4LGZl/HzdytNQ3nFxh2UFw4CHRnpAZpK1iqsS32FFuR4ZEJ4h3MEHeXn2flQQFgxDRADC44NZoYN6wsLTExQJGkYIJZR172qj7GsPy4mM8GkMoTFYkju3n6UymIDksnc698wrE7W/9vKqj5aA4SydStnbs1CAau/IwyR+7USnYZgv/BqKjm2mUUYBLfp+gvgI+8g2vv9/5c/dODtARdYf6k7qoCZCfLGRyg3dHoqGx/1UGvzIVUQ+Rz5vyPPPK/O+zIRZYAfSnnRY/zozokVVnQSkWZ564mqJenrr8xf/TEFBMiHUJPmpxdBwEK764x5idBV323EhxN8h7eN5Tv2EOiqIg+F2ylXXzQn0/YBRD1RLDOydPg8n28lWdphvKoLQ7RiIzPJHf/6GueBB7G4CnZp8HiBTB5e3vxou2KL28DtR2hX/FsfVj6frG3aaLwTGVhH5zG9DYiAxxG4Q1c+q/OcYeNOE2V4x+opnyUo7b/nxSa0yjtJlP95+QW+fxf/tUQXS/o5xw0Z4vsLbnpgeKb6+m44aQdoQM9xYQX5xgbx9kTpsZlqz7Q6rENNvNeiW+6HRevax22cHXpovxGW5Eju9maRP2qaJg2SzqEsuJ1sq7NCHvezs6TPL7L4B+jvmNRhPr21/jVJPh94462U99NikaRoxLdJ2PwFNLq+TPb/oCZXahCjdrAyWebOjQBD4urW8kenmdTL8vMJmLF4OjuUUPOV80szcsuEcejW7pHmWT9QsPqjc+sW2RFq2zJrPnrd+PafCvYO9vXFwIodjvv+gYH6fauLAL9TAEnUBRQ6hm0gZHvIDFRebRjhTA1oFjsNeJ/YFqaEuIC63BkqPaIejTIWkaAYyVmYCIs0JEZnbQ7e8lnwzknW9k7ZpAHmj8uRbGQauqI5T9bXQq1CV67jcodcnuHr68TUPjE0EhgrAM+K7o8QL0yKKKwl1paGBVMDCRoX0WIPj7l9rpGD0B6R09dJTtUWww1FW+Fj8Wd139vamAGlYZIeTgJM0b5Wvjt2/jFrZytBzSYcmxDdM5PgvF5FuRHG/5iXWovFk=
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job - C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-11.exe /rawdata=PeEnMbC7dMdxjnlaCB/Sr9DvbNxGTN9uoEmgC4ZmGZuHEbhU75FNWzbxmQMGvJmFvsrfrmLQSm3ONHsSbUXUhWv2GVTuCo9JzBfdMU6U3Uyx+j33SQgRvl2r2+a+9Evh0MAW4FZ01CDtEjMuaNp+RKykGbC3erW1kxKgU+UQcSAfn5CnSFjhmurbRvZmavGpGgFc2WwaqblYdQAsqFA9ReoTtN5GGn2MVU9CaqQk/mpdIS9pbEwnh4LHsvMCFSbraFq9itHe3YsvrjOxpdOjZTybZKex04neWM4vdOzh15C8hJKZG2sim50qLhli/6Ojp/rbQ30S8iV5+htyIEAsPWPByAexYD+2IvVMREvIc3q3abaVLsvH9dbe9pobSqdQt90/OZELtfVki6vx67qQ+cRaDQ9lXeE2FAGLdDva6nPL5E25cBUARNxB0+Znp3Ul6cErdwQ6aGxwSEPsTuQFHQjorcyk6rMHstAPnbwX+wBxjqvm7YMLvFrP8oOexlTJh9NnF/Pc44RfDe2x5R6h0Kvye7jfE1r3f1WA+raEGRdYc76E9j4mZlZCCK5zVABarTlgqZEdS1kudZcUxZtp1kMuQ79TMyfzcIn/cFbyDE4w0Fw3EVggw7pq06ETxGffDvpArkVdVI5PITxtA9CPdbNg+fkSa/cpo32Sk3ub5QilyBDseMdFWZdDrK08z6BcLRTklVK0ElyAIvgsuY910M3gHHFzo7Fbb1wqfoI/CPOBQJPmKktKRfwBhLW+yy0uSPCW2aWHilfn6bBlSGzDwxyTuIdKl2sZkXGs/LzQ5ivNtdD0tzSk2NMBSmbiCDkTNETzgYb+yb096qRcS8cQ8Wqv0JtXBL2KugKHZXU5pgKPyeZ5kAFVqYpe4QWeNgtdB4Gztnra2tWbGG7DjVgibLAjREwNYoxnAVT66w15aNm5ppIJaKVXN3DjB1NDC6YT7fBjZZ5xitOZiYQJNXBWaDkrNqgmgCbwnADAUgR7yRd4iytawhYGq8oQ9+NLk8c6iNka197MOkU5dEg+gn7r9jum6g2Br/GuM2+gkhVnRk7F1Y32vfJB6sOdiEHVrmrfTy5X4kuDv994RskvjgmTjQerYfvAf1qN2WCm9rdxe3UbrpFUdbC9rxZGLkvMYA+5YKnEkFY0Or4fN5UfGHUiwEATMCVROb3gLwcTgM3IL2U3NjKg+knoUvztZa7IrKR7WavGlmKGH8Tye7HiGa+IuHRVBHH122DlX6Qo/PhDZOcypMOd0EGNdoJk0sXcNyRQfChP60seM9+kp5lJF6hXe/o+CJdmAjGmlCd8iOxgPR9HqWRAdwl0O5W5lAnM15TjVeSQsaCnPINVTt+O0W6jBjaARNcWuUkcE+8fZ0sSgzHInDoQ1FkpUWUCc1PchTgde4ByCL0i5zvgpcyxQOz20Ad/AzuEZsS18iYw8BrHfo6x6Lkd/hYvHEoYg3mQc9OT2L9o3RSjpNYOWZiPK+3kViCeaBHEDpEFn5Ely6weDozF3ZD22GXO8SASOQB8CNTjBAe9V3mXlR6y4893N2Kr99kFIor8gY9oshIqlQ4PZT0Ox5Edqy5c+PFmPFBc8FBU1DUNCfOf1RId01CNghBbk8dA8DMWh+OIxkoRzhaYco+JFY+U+cupSpG2yjtU4uxfYg4qSuLEtCkjy4vNY1s1M4yz9Ej9lqfjd9zofLHLEC5lDDbHxzUx8OMptx0joo6hIi9sEzwoaVzE7QSoLFcokB7DcEghr9fATR8jVxszVzl/n3MODekeCCSvn4S3tREWBvVZiqlKE2ECla7Gu1A/AvZYg5Pf8LOb5bLyeceR74HlvjTGc7qQOz9nA3wdIjQCci74x4URNoq2XwiFrQ8qD5ttA8ixBv+a3QfIDHFC2XIa5rUvhiNFOXbcMSZrUwO/YKVB/saKCIjh0EW3V10E3yDfY4xNP0CJGUEGqLNGo3i/0/v/s1sFn1oI2mG8l7QeVBxYGW3s1Ysk20BqR/dZ5kULegqQveKbn3Bzhz+CygMLUywkKVHZq2FxGZV57UDYf01Sme/1PEPPIcRDBa29ER++N8HJfxdl2E6j/qn4T/rIbJQtQDnwbBndoFQuix/LXazqqde7wfBniWl8GLUDKeAHqyWDUnC6Vy7SsgaQ8pudD2W32tJ1i1SzztqTtDZQnRVppbxSmWA60Aea2lsXLZ7cbjriZGZ2tl/2bDZBbx00nSj6K6yBwZCRArjFCb5e+/ql07svy+8pTHpw/v2eQZkUXQAZL71q1+lWAB4tmTB5JUuy2tpmOb8LTShFI7fa+zN09pgJOO/LaJosUgWGk4k8Oy6Y+YcTq4b7l4uaBibUCEl5X91iyYcnbdX+VRMUdFZGQRCaBTXG+ShhLD/bKFeE/Cb2EiHXfRq+iny/hfS92z8PGtquhQKd94dnHyaEus5g+jIAnrNXG1oweQUTRC1jQhwNJjnNU7cS5jaUg4gQkJSanWYE43sdTZUnaiREo6CsuYi3zqyDIdIdB1YE5byy1M+6i9Z2WUK1evWF+tqbmND/B9Oe1zPw+N6wZSUs
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job - C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-3.exe /rawdata=hCdzuXn2z7YNMBcjFoeuMQJaqRzBiTvm3GrHkvX0ISyC9FEHofpLihNRt5Thet18JOAvbP9f8iNsQAwmOt+OkOnNA70m4tS7REdkAQchu+psD0Rz9zYj1TkCbl6ZUspexy+DqPQj7uwphE1+D55b5vgzioJllL2/Y8dIQ7jee/QtE+tl571NdOc0oxkO/YJ6QH1rd2ByarYXy8ZsidhqVWZiN4IHyIkyiHuXKx/8udF6tYe3RmEdIHd52HWDyuCWntfMNXndL8FvgU2DKUITQkeLrrFd4dUwQrDttJ9MRyS1nVeNnyLPg9Z3sYRAJEiw/18g3s5pT6aP91UVX7GjNDFzWwJc00I3nvKwXBYKFDeyQGiF+QVWPRgBoYpmad6xN0dkU54UZk7vrSCHNf+dqK/ODob45jVM0+9IIiwNvzVslakVbHuglVBM7cmDbR2xayi7YLAbxhH5mHb7ugqwmv+4tp+vKJTVGGPa2vGvA+B82LObWFPM0EDmnOVRpyc2l23gU7s3eyYk1KNbaAg1Cz6uPm9Cf6GWhcxv+8ejwpMWPuE3r/3xKD9kwedTcNQNh1yMLeb5+Hzciauq+J2rHE1XEkYabIMbNMarg3T142f2+gloHpyFZPjPTbNDGrX8E+nB2hN7Z7WChl9D7l3I0VR5p/vnilE4R8y7a82L68CKLuC1s6GNyPqM6vknrW8FpvDuiiZd9HLa0OrxmxXTQKQEhIhQ8aTd1J83XdiO7n+9k1qiPi/QpKeEGFHRN9gJ/w8Uo/bYxr61QXvxdakRLNAw6DDxn9XvLVBChAbGcTi5ftBhe5KAmfl9BrBkKW5TZ7N4ddSlksakavWSCTue4btxueBSM78GmccUqWY4N2Quxp77jj+gQy3htMDNx/+b+2BA8r02xxjON/egaLa57RKe18pmMX+D+Id0nh2BfTJRD94L8YNlll4hSTlplikK41Rh/6tlQq7/1mkKvN9FiVN8kYCfFTdH5Dqs03ODHaQ+U5BnOpeZvTUQIf4SsbaDGBUsm5Fau1VuArOYzgz0KyML0XAnFhDhfao0uy6J+R1NXAU/BYsGFloJGo6iol7gyeNkoC6K74xFPiA8zVVv9KGfdJzuXLfN2/PSuMr7/NsyMGAxEosdzYdfAsY1xPtm8zFT06z1+VZMB50JNn5N22XdB+AtHWkeQlu78TW4N7wx/xM4VgfXC6K/ZO3BRGVzODteTQVyGPKceh3jvMtxPPq8gC5YW42C0pIOO1kpbnREbV9j7r0EChoFJy666hGCqcY4h8ZzYpOZ7ipx5m5K8xAZ5uvTWSbxrE8kOr0B8r7PfQpPh01TPodUzQSyqvf+e3yvj2Wl9L4csge+iwbfeqGni2lJSYyHtvbFzvIW03NYEpqaddSzxDBqZpkq71l8GTHHipkVNgayewLGzvntGtwYg/KEy1AepHupBe8ID1X4RpUSTb9VqzhwZRtrQmmoSb9aMZH0eGUlnM3Uk0LCLnxyJyOoqDodVOcmngPdeKatqYUSN4m5u8ynQf+g1K9Qwm3kfFeig24rPhUjEVFg+sTlAJ50UybikfGIgqv9mrIEESFQcTg/etqnAgqvXZ8K/Q39QVonnv0/uyDs2bIzRJ3O1WFB4bNkLRQ9kl/efsw72TGi4x2bXFDOvgApYl23CZb+xJ7v4bbljCX0JAk/VGEkR0NiEfPqnQzR7UbkXGA=
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job - C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-4.exe /rawdata=xh75D6xsHnSFxoQpYvjGgD1oSYl/WmwGUtoswvrKJgEJ52NLJu2u0phUbk5W2suN8fuWP2Ypu7iw6b2jC8/Ojuhwx2IU7GnkRm3aX5NjOBUNaeCLAmEPhTOtdAeWbbLHOef1/yQPs4Zn+LAMsOfSa/e9MXka4oa8iQGXnkyCStaSbfYHIAJ7EkYOLegj6tl4w6Bu2bdDqlQ/ZG89B9pMrpoyjiiqn+iKyXA5Lw+ipBsEYznm/ZuoQDRJ8C32g6jKiR9QmtLVXpOm2aUZ+cGEggfhTXdBTigUcN3G3/O9QAhKtlpWxRTtq6qTdKlJEvJeTwlsuxIJMQxbXECex2S6KwsQi3ki13U62N5px/mCWGO+YrHFK9eJGI7gyP6eGVAYU4pcAE6Mo0Hx9JxHWVDnYxKG5JkZJAa3Wl0fmvPPH7p76LPnHO2Y5YHipp5iSvMmMftk69dEVf1/qZr5z0/HerpuYFMwGi8Tbn8eenvUEy3zcndSOOmHglPS1j0ppHlyQ7SC3kU65zieEyy/upkiv9tCIKHqwFkYV8zAoaC7OH+7bvODhqljCGnS9z+P3P6/RHGzDtYys14kdbG3xPom+x9j7BlfkLwUXZrqCLtZ0A7h2pRDaLohM7MWOAqDpN+NO12bqAu6u6r8arcy4FU5uRDYiOe/DfAhjFm44w7s1QItdVvLbwMJt2vfk7VDmVofSd3S/SbbwDaeh/Xq18eI/cQK/oQC8InWJP+mnrDejH5yVwswGyOAwXqkEa+sw4EnopGmkPVKRfIZD/SQpTB++r6WwSlTaRlqGqPpY7zxYhBQYljR3NTiW/vjzx4PmSsrzXz2pAQWtNaMHHiUJ7vZXGUexsx78YdnwrSn/Ox3NHCORl4G32LYLfJvqo8FTftHj5WIScobyZ0MEtbbsIfSQyXiXYLA1sZ4lbWv5JQakmLc+H3M7V5I2TfIIGldcbVuJOWrfjaWDsotKAxajWHZP318SrjO38P1N+ksoKvlQNeZsLxzGkBqQeokAusbL3SGF8FNe5Mau1JWJR+Q1cBNbUCzy0dvHVGDUnw21eIh8NaYVb0byRsiXJWc31yBO7I84cCm25UeFnLxCXSkTW2BK8pv7HsZNeLwHjx1NNe+4jfR1uq4VJgzbqmIsKXFCLovVDUodQTC/84Jl6uLzSgvK2UnSgRcJfLzsHXj3WAaBim7kF9xnIW5QfJR8LdV1mvkuwjDIj+5TDFJEtnMxb2OQXv5UDkn3bHm5/zhDGZKdivaxyobZastyuFcN0Wdyr9blalX81vTyLUz4zJIn1pzSAIk3DXJ8e835+3KfnHhOxtlVS1srx6wLG/tjZexAq1EULt8Sr0kvz5seqJfZXgAdJl00rPcBY41eqa4L6lchhdJyXzw3dcNVOtaWl+pIjNBxZkzplzvaT742XyyBqYpTehR91VJZ8jHnT8dhRz4CJustfWYZ5a+BOOJbptByC4xbUVFP9NrrzmBbijpRN/iYpFnCqUBDjHoj+ysK/bO0ogKOQ5Zgn/ttLpS/R4A1GtLYk5z3MT/9KtR/8tFnki2vWYz7KtbqeHPWVWHC8wHP5tr3dvHvCdcqXUXsfC7WCL2hvRtfh5btfefuqD6C0GBK80QZcT53bs6rGHaW7jXEBUDjpCYYQ2/UkJrzrhVSepdF8fAzMbYGa/wFckzR/XwBq8m7e0u7aq4fAqIm2W07EOvvShMrFUHBscI6xdrbYlpKqbUf8MAsvUULDyYqGZfid5k2ti0Fqf0PTzO4NMn9w8qmL1a9bBXUolZhOYeNdn4B2tQzNrxwBJx7+hjn5WaoY4AICI8QkwWzMUZab4EMQGy1gRGhH2u6vgRRg3sDX6ifiMSgfuex8CZgGvtD1UBNx0X49u4/mfQEu1win62RQA8utGZs93PTn1hj772IbeFF49qmz5NF0vqe/YKLaNemOejBaiLIzPYosGR7rgX0ltduj8rOGNR4blvYK/AwmluwxWIyJc9RzQLHI1RZ8m2Pa+iP2P9NoaCEE4MH6dDLJp5i3IPMs98Y9hFaSeV7x0a
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job - C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-5.exe /rawdata=EGrmGApEzdwmOZc+Er3b2RmqzSft1CwFRoNa9roKvC9A48V94x1by4obRu41pD3KHZ/TmUQhty5kp6p5Cj+C9SfdLii9q4f+8Z/14DwBoUFQzxIMyikoPvCOrRrzMmEGNATmrbSuwkpxT2ue3AxuvMm53hsX5vGqyFQZq+zA5bbAh+ebd9RCKtaB9nOI2zSE8pEO8NvKs70QRxrlqxhelWAZFV76ms4upPzDovTVsXjuhD82Ljz1DizGnBCvk/fsIoTk6P7D/QR/mMcSe8BKWEUr27MyfBJ2vG09ZWOl0iYccaGUFSCUisdFTUY5cL4w6YQh0c4Ws6OiPO3qUEbSsrkGbw74b4tfdmijJAe24h5ZvY9k2aFvefqT1jfCH+6vGHcg3/gGXP5CS0eYIr4qKI+iyFfDe5WTizfaksne2WCiZzfT4lYp3o7guAeegNOdvrL7gfnbeA2QMbFU8da4HV0mMyw4P5qwBVcT3TZ1jtSWyGoq/wos9C8HbohGQEfrAFxos1YTANmR5SzTh7afisotTc5DPf94GLaU382qQqnxLVbfYZAyz9+LYid+V6l86k3MjjLcZzuKB/n6YbMlha8HF+EhZHSDdcW+cI/6UBgo3rg8rPr0iC9lbWTxSLeD0Gpr1p/4PrC3FzC5iAmXYGnxksXH/gIum/5pML+/BSplaWaBFCf7y5CDVGsMwhW0WcdQNJ9B9cREc9GZWYl/P/STvpWdvkMlsTEETLrO7vX75etnggxZ0wA/XxaBcKl96+WU3Ujk1rKzak5AVGcT6tsZoJyQDhyZcfNa4i5+QM6fVh+kHeqEcT+yW4OoI6BGWQFx6oe5GQQ+7yTLl7WiI3nGjWESO2nqmmJc5Zq6W91sPsiV7kRskiuA1ljHMH/JlhhCG4NG3QLHRtCvg5kyE8DIcrnWooJj+nWVD1o8/4xczcplxskpeZlxT0p2u+oNEd2ifxvwtocdlYUl8RGZxWaLgjBQP8yDNyGvTdvulKkf1g80GN+ZPWafVUTDPw9fCrrKz8FGxZciwXa5IjZG+EYeSArEgwyoHRrUHRUAJOzIzTGkUOrPZCV6Q0nE8AHx4+jwHHoWI8leuVU3kSfydWfVvnvKH1P4m2+UAWOtb29c8QZb5mO/pKtxDzQnC/1AiaQkBvG0aMGYoiXA5kTZQ+rgduIvztJKwUW7HsJbZHU=
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job - C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-5.exe /rawdata=EGrmGApEzdwmOZc+Er3b2RmqzSft1CwFRoNa9roKvC9A48V94x1by4obRu41pD3KHZ/TmUQhty5kp6p5Cj+C9SfdLii9q4f+8Z/14DwBoUFQzxIMyikoPvCOrRrzMmEGNATmrbSuwkpxT2ue3AxuvMm53hsX5vGqyFQZq+zA5bbAh+ebd9RCKtaB9nOI2zSE8pEO8NvKs70QRxrlqxhelWAZFV76ms4upPzDovTVsXjuhD82Ljz1DizGnBCvk/fsIoTk6P7D/QR/mMcSe8BKWEUr27MyfBJ2vG09ZWOl0iYccaGUFSCUisdFTUY5cL4w6YQh0c4Ws6OiPO3qUEbSsrkGbw74b4tfdmijJAe24h5ZvY9k2aFvefqT1jfCH+6vGHcg3/gGXP5CS0eYIr4qKI+iyFfDe5WTizfaksne2WCiZzfT4lYp3o7guAeegNOdvrL7gfnbeA2QMbFU8da4HV0mMyw4P5qwBVcT3TZ1jtSWyGoq/wos9C8HbohGQEfrAFxos1YTANmR5SzTh7afisotTc5DPf94GLaU382qQqnxLVbfYZAyz9+LYid+V6l86k3MjjLcZzuKB/n6YbMlha8HF+EhZHSDdcW+cI/6UBgo3rg8rPr0iC9lbWTxSLeD0Gpr1p/4PrC3FzC5iAmXYGnxksXH/gIum/5pML+/BSplaWaBFCf7y5CDVGsMwhW0WcdQNJ9B9cREc9GZWYl/P/STvpWdvkMlsTEETLrO7vX75etnggxZ0wA/XxaBcKl96+WU3Ujk1rKzak5AVGcT6tsZoJyQDhyZcfNa4i5+QM6fVh+kHeqEcT+yW4OoI6BGWQFx6oe5GQQ+7yTLl7WiI3nGjWESO2nqmmJc5Zq6W91sPsiV7kRskiuA1ljHMH/JlhhCG4NG3QLHRtCvg5kyE8DIcrnWooJj+nWVD1o8/4xczcplxskpeZlxT0p2u+oNEd2ifxvwtocdlYUl8RGZxWaLgjBQP8yDNyGvTdvulKkf1g80GN+ZPWafVUTDPw9fUerI9Cw96OUDslFtj9PHxh864CZJpUXEKD8ZtnNFAvBlVTsBXaojTwgost0zZsUgzjWtEkoPO3XkugftF/k10u+/0krd6qDvH+842A169ZsTrS1Jlm3cpQf/Motr2TNqnpO1xKp+hbbyKQCHZMKjM8+cSXoRTDt0SmKbBp1abfk=
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job - C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-6.exe /rawdata=uV17CSzpBsxljWTB9IL1ZfoBYtrq95r0PMxlUipn+ZrsfXW66tqyuRXpZ2zbHCHPXNWahaTacpT8uTOZ1i5nX8qJYikiSEFijCgdfnvvjyiBgCgVgSfQKrQuRww1dl/NYjJV5gsD43fJpokWb4ziWj1gi4oE8bx9ekdqFroPSARJfx5KhHUQL3FaB+PmxDHOUwuCNLf1kGB4HKo/oDANQsRmjWnPimb+60H1ovlFd9g6ziNsjLBTBfulUYXPJbTIdFDebEP4kHW2iFNkWy5vKqQ/UukgpSuBaQzwLnKLSfk8nZ8mK41EQWDnSo/FlHz4oMfv/ri8+6BuAehKkBClwm7oIl/1HjJ6OkVuxkE21MBHUf+qySgZIIMIf6dZgdfKImeihlWY6nyGtRGG6WwdIZBE5j13mkvdr+SYLPvs7mPPF9C7XJwaKPMcqL1bGMmfJ2WA/wB4+88xBFxY0mJUu8WRSBtl/+dBZn7Qjjw9CG8bxRf8QOFwBQYi2HHm7w0dWvYMeM6ljenZHM4y5XmwAWhwLC4IBIeBxu2xVE5v+FMB8Bqu88DEiI6AZGTNzEKFEDCz4nCX0qyaYoo94UGepICYc79+Sy/WC8rK1YM4BUiksKD42cnukN6cIfnUMxDcvGDdZL58cVj8yc/ffPQmq2DRVdGRKxnk7Ny8fTNj7XsrB5a64FJgsDHTdhA4jK5jQBpTgcq7ho29vsSP6YDOMVYouIi3WzOt0aAOYXl7zqaidLOW5YUf0zYXswpaL0CYuMc/9mrZdZmjfAjHON5TP1AA4ss5lsLriNYqqWf1Ubvw9KtdEYlgUVRlEwGpvTTgeD+9PWtU87Mde2yaUGCrs5ivGqCy89+H3o/b9RrfUUvFdTr1tugd5+tYoSfPJmUTIXaq+7QUJev2ZtAnIr/7g+IsYgJDyIBaxK1D0npx8h5R29nfjY5dfgoQ/UjMqcHbRpgwUwCWhtTPMbwHIDPcU34BsJI+LfQLJg158Orkcb+sv7Mjgb4eJj5cT5NID6bTmJ1k6ojaV2YWII5y6QlSUGZ8d5x8G1NVhGGIvb/oIY4aUGr4/75Dj61nZKJDAAqbmLFHJY3v7NHkOPDfVp1ZY3lhtMyIAgMIP5jPXcVIb9v4DhAQLsFZsG0YGkqrXLxCP/8rgdakMhHRakIaZA3jqbwHSYGzGkEHzHsI/BYhIeMzNebEIp9v0K2SSB1Oqhr7uFv3W/cfMLpM3R8P1gh47jpZ4QYc9jSrys6JLl3xbXd9O7/L2e11Ur3dH1Wve1ouMWjz5UI6DR3rofa54WrxyywtGaK2CDpX5k3PN8dzQ8QxhSxh0U3Ma1Zu7Z0DLSW6mYQK8CSrVA5IphKYJzMN+prbiU6/g5T6U6+BDv1yyABb32gQ9mpCUF3udhkJQgs49RefZzo0GwEGp5plOT1Pkq4ip9eUVMskTY30plBG3PHOuLNtQr3BtLbLFQ5F4ZDazcXOIfDBk89TEkFhO2YCFHVjsAykX/MQ3O4YpJ5+KfGPpCBjXwBIjZuT8LEtOflbWSH26SxO6ZkdNyWSndeqn1He9xQ9Wqq5ReOgvVhfTDlyMV8n4mPlfyxmLzUKrZJXRdHP3+YdbqboZKQB6Nc+cd+GCzaYPSCd4HF5dcbwGwYzFM6FE2bkG3LR+eq2gmfSI3Xg2vslVFGiWFmZBGO13AVZ4lba+1rDt68hPZSeXauaklx7hbs9n2mHtd5y/asjhEP6mZCeCgSKhC4vwhNFMPoD8jKWrO7hvV+sgLoPjE8Uw3yve/ye3KltMjDIk5a5SzEH0opg6EC5swdy13CU9Sv0B2VMl+XUjhDYAwUBBdKUhmZoBlNablosEanzqdWdpPdh4aixbtul02usiUX6hAo1c8Il4azTk9n3mQ3oL2zGggYq+2MGKcsGtG1e1xMY1axeRu8NTRJ1XfabCkMD/9DQ0jd39jZQUgzTNu+7qrqBmsxHDw8eo3T26RYT1mmpV22ID1p4DjTpTIWZ5849r4cELeXNLbzHGknYx5Q/BVYI7QIvHq+s6VEG5KR+DFHg
C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job - C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-7.exe /rawdata=rjCZ82DlZWLIujm1UiubjrjPN46XO6bO1iTSmJS/yc9H2Ahu161I37t1ExqA5RvKf0/zdmC7gYcnDeu3jPLzPFnTwnfJB+mRgkcBjl90WofSrQT1kM72vllyK/bXzUhOkmk6I8SV9QD04x9Oign2Hvyb4AXGA/iaU3j9kgX52IGOV9BDoOXyq0xRdaSIb3J64TljGD8HinZFAmYcvFtSijg8/ArrjkL/vGHMo6qaRmD21vkPMeTxN2BNXcBHUPkq29qH9MMyt7+B5gfzNPLFB7aZVdJ+OsjiXnLGgMLkchtZz2KLs7Evmtau0uR2sXp+Im1c2zLlebW4LO+LgFvxgLiDVr5+xYQWCY1iD+0e3eKKloCCXewb+yAgCd2E+TEe3zAKnXRCAVEQ4n1v8C/MLOSS0RkDWdZyjyNjvRcpRTK9XvKE+6rUc/0q68p/zVEUsv+fk9o8criBnfCujCp7HEW240AJA26qlLY20d+E/Qf0233/2cSR0EfAOuy1x7jbKUB74DNdyCfjuKco7C5GX/vshTHCTLeV670i7Bd3kI8ZMAOVKMROyKy2gWCx4FDyF4kjVfXumEz+hLtAr0Zh/36qu6Qua5XdKSGurDPNsZtoK76dQLBAwLiw3SPZvqtFPG+NoyW5ffI0yLB38yCEBnyxFVUkwBvVl/6HsiOKy8wKt0r1lUtSXkZUUgp7e/B/4dLCRwILud5rRqojNMmkg3e9hIvDMZwOitRAetKn8wMmm2bt8jAQ4ZtixKYBgUean52DtACrDQcYTFAFeIsJIn0YN8tEThns0NciSTQKItsRVBDJU3UxBZQOMg4LXB3fYtTVP8GALOQgbNh8xsibOlooK1wAfVcNAYfVwQ/0hQsLJHTL8f1pP3k+DLp4r78cQFTCGapEcVlGk/40cy94WYAZHaB5Ntq10vqoo9YJ/WA0kqJIftsrSdufZagA6jc1yzt7ltotAkQoXr2mry5ejbswVGryAYB5B7DsFEI0HjBN21zIb33R2HeF9MqBkoBpKA+JOEv3PkuZHaSTIrK7HBCRHdQaZismeDG8/4WC1OK3QS8rBemwIMbMwRHh7LsCnngNm2UOu9ApPiTFZU9hRke0xU7+SvxE7So5g/L2w+GZecFCCLyOLYBoszC0lUVS6sq8fSR/uNFPhRNqpoBPGxQDSBRDtOiG7Xl4rVag92tTt2KsQR+JzOoBXmwum6NKS+Dpcy2+ZwITsT1wZtXgwbD1f6h89c35vkFvvc+Y4mib6pQz9zRel2ykqfGc09BLnhUtDuTlfE15ibLqfDSmVCvAoWuCSomBLhDLyV5326mS185cPYb52qQWstS0Ioie52FRd68dCg7sjlUch7a3v1hCyLYPqw500KZ1dUF2izq9hDABfhPhKTfARFLsjr5x1ftGjGnnzl75Qj4ndyrStPtZj8Wf1rF954aGv5TrqVf8XjS029NB/wf3aCP5yupQ7cVLQi7CRdrpY9yNKQ6rdyf191NHPbcutr9/PzbpWszwXaRbO9TBwklaxl8n2NuLKFjKkwJRTLka3ORMaW06wY6itB99LOagvxr/BryBSBVKJ1OcHnw9VTT5d/G1rMIKn0mVZYSQf9TMCbv3pgm15aEuwsIS6gkF750E5JTQNrDkqXiUm7Kvkwy6UIPRuTAK9TFAGAhmEwXhy7agMQJHz7YPi4219AIwX/cBkv5JtvZzm9KoxldMMtzk7aI8sThT+Hclqwxrryf6EC7DtiPSnLLrY5Kp4twfcV7wzW7mrG00648zbWneqOempLMbWPImza6c/qX2sn1jU9tR0j0PAA68vH6SNgPyeMFEQVT4O22vSCYTiE+J0/TTlZzoab9rBygfPJqiUkMAJKCqa7IrNg==
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\QTOI.job - C:\Users\Eamon\AppData\Roaming\QTOI.exe /infocmdline=hSBXmxVDJRxDzjVJ1/cTWSYqGiXvP3PcjYkl0SaIFvxuOZIOJjgbbtVrcdNwfT4Vuh9RIoUuKERlZrFo0r2xwT5uljWd/n9ULm+9bM4NW2CQfDNcd93XSBlQNstXUzi+paA8+q7HGJO7u2DFeKoS1MNU9EnHNMjQ4nFpmMjjGv7H+0LBi3pPuZKCx3KquylkTrPcvWMzq7O2+7b5Cb8ttTtlGuWbQ5twA/y347KF1wHbBnECVfNUWEC8uKbdUET80A/dLCJ4l61xVlRDEDuXyaYxlh1qjYAND6tLk2BEHu9YXDR/stV1WD5dZZxAl0BHs0SbXu9I5rTw5mzug4JZarDluIcyd5FbZIngFqX89kSL96ZR8vmS1ateGAA6JDwrRcjhecpUqTIXNWx7XA/GoEAs/q4zbOGKDJMoPjZWC2YUjpWbMLmz7VHCJMVLwg21QSXckdbS9d+jMC6hjIqEf5i0fkxTM3U8gApe4d04c8Hp0MvZNfZ9QDs71SfORCW/
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 78f01119-9f6b-4afb-bc17-49905d19aec1.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:78f01119-9f6b-4afb-bc17-49905d19aec1
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d6210b91-a7a5-438e-953b-63eeb8b99b17.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:d6210b91-a7a5-438e-953b-63eeb8b99b17
C:\Windows\tasks\SYTVHF.job - C:\Users\Eamon\AppData\Roaming\SYTVHF.exe /infocmdline=ij5hWn/D7SgH3fRuWCzU40FCkkvtmYMUxfozxuLIsWZLJ4lXnqoAWga5abMTIiYpEPEltI6i+gyLcPGl3H/Qd/PUWLoFGY7W/heR6bvbZcITVucbDY0z/wQLfnEjKfe2mJnX7kLcf/nE4D4Wk2sOMmf6ryPKYVGQY91beUyQnfSEvW3a/H7EYeCjU9DoG2yUNHzjm2AB+LjsCdeeaqB8peehnw/cXMDMUQZeZs6kzXcG6xJAqoD4Q/AnSMHQhnavBvJ4PI98kQTlf+eTVx9PpOny46KHXwodHUl0L6a1zkWeF0BUhbhIHhH81J9vRIfT98KY5N4Ssm5YLNjzhxG/CsQ+iKSO0Fys7428316OvKhAFc/MZuQqNfsjrqy0seOIpcP2bP6eAutrhQKB/wOktgavF+M0O4XWyM8WIILqBlw74JAu4SskFqy83pBPHyPPfccLAaBA3HaPt3bvQK/8dfaFdcphplQ4uMUu27cUK1IxSZBt8F4uM1Mf6VSp++x/
=========Mozilla firefox=========
ProfilePath - C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}]
Senses - C:\Program Files (x86)\Senses\Senses-bho64.dll [2014-10-21 753568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-16 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}]
Senses - C:\Program Files (x86)\Senses\Senses-bho.dll [2014-10-21 559520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-16 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CmPCIaudio"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8768GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8768GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-10-07 7767832]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-23 18:21:01 ----D---- C:\rsit
2014-10-23 18:21:01 ----D---- C:\Program Files\trend micro
2014-10-23 18:18:23 ----D---- C:\Program Files (x86)\Nsasoft
2014-10-22 18:32:12 ----D---- C:\Program Files (x86)\Ryse Son of Rome
2014-10-21 13:49:18 ----A---- C:\Users\Eamon\AppData\Roaming\QTOI.exe
2014-10-21 13:48:35 ----A---- C:\Users\Eamon\AppData\Roaming\SYTVHF.exe
2014-10-21 13:48:27 ----D---- C:\Program Files (x86)\Senses
2014-10-20 18:19:49 ----D---- C:\ProgramData\Codemasters
2014-10-20 15:26:23 ----D---- C:\Windows\system32\log
2014-10-17 19:43:15 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-10-17 19:43:10 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-17 19:43:10 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-10-17 19:43:10 ----A---- C:\Windows\SYSWOW64\java.exe
2014-10-17 19:42:56 ----D---- C:\Program Files (x86)\Java
2014-10-17 13:22:38 ----D---- C:\Users\Eamon\AppData\Roaming\LavasoftStatistics
2014-10-16 19:12:34 ----A---- C:\autoexec.bat
2014-10-16 17:49:43 ----D---- C:\Users\Eamon\AppData\Roaming\Frogwares
2014-10-16 17:08:03 ----D---- C:\ProgramData\IePluginServices
2014-10-16 17:06:09 ----AD---- C:\ProgramData\TEMP
2014-10-16 16:33:57 ----D---- C:\Users\Eamon\AppData\Roaming\Steam
2014-10-16 12:27:09 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-16 12:27:09 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-16 12:27:09 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-16 12:27:09 ----A---- C:\Windows\system32\mscories.dll
2014-10-16 12:27:09 ----A---- C:\Windows\system32\mscorier.dll
2014-10-16 12:27:09 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 22:33:22 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2014-10-15 10:12:57 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 10:12:45 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 10:12:45 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 10:12:45 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 10:12:45 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 10:12:43 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 10:12:42 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 10:12:42 ----A---- C:\Windows\system32\mf.dll
2014-10-15 10:12:41 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 10:12:41 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 10:12:41 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 10:12:40 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 10:12:39 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 10:12:39 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 10:12:39 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 10:12:39 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 10:12:39 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 10:12:39 ----A---- C:\Windows\system32\ci.dll
2014-10-15 10:12:39 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 10:12:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 10:12:38 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 10:12:38 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 10:12:38 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 10:12:38 ----A---- C:\Windows\system32\winload.exe
2014-10-15 10:12:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 10:12:38 ----A---- C:\Windows\system32\evr.dll
2014-10-15 10:12:38 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 10:12:38 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 10:12:38 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 10:12:37 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 10:12:37 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 10:12:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 10:12:37 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 10:12:37 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 10:12:37 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 10:12:37 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 10:12:37 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 10:12:37 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 10:12:37 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 10:12:36 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 10:12:36 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 10:12:36 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 10:12:36 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 10:12:36 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 10:12:35 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 10:12:35 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 10:12:35 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 10:12:35 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 10:12:35 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 10:12:35 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 10:12:35 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 10:12:35 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 10:12:35 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 10:12:34 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 10:12:34 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 10:12:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 10:12:33 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 10:12:33 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 10:12:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 10:12:33 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 10:12:33 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 10:12:33 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 10:12:33 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 10:12:33 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 10:12:33 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 10:12:33 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 10:12:33 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 10:12:33 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 10:12:33 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 10:12:33 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 10:12:33 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 10:12:32 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 10:12:32 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 10:12:32 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 10:12:32 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 10:12:25 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 10:12:25 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 10:12:25 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 10:12:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 10:12:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 10:12:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 10:12:23 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 10:12:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 10:12:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 10:12:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 10:12:22 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:12:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 10:12:22 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 10:12:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:12:22 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 10:12:22 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:12:22 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 10:12:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 10:12:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 10:12:21 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 10:12:21 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 10:12:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 10:12:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 10:12:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 10:12:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 10:12:20 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 10:12:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:12:20 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:12:20 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 10:12:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 10:12:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 10:12:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 10:12:19 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 10:12:19 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 10:12:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 10:12:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 10:12:18 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 10:12:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 10:12:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 10:12:18 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 10:12:18 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 10:12:18 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 10:12:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:12:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 10:12:17 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 10:12:17 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 10:12:17 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 10:12:17 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 10:12:16 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 10:12:16 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 10:12:16 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 10:12:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:12:16 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 10:12:15 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:12:15 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 09:51:07 ----A---- C:\Windows\system32\msi.dll
2014-10-15 09:51:06 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 09:51:02 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 09:51:02 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 09:50:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 09:50:55 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 09:50:54 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 09:50:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 09:50:54 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 09:50:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 09:50:54 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 09:50:54 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 09:50:54 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 09:50:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 09:50:54 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 09:50:54 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 09:50:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:50:54 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 09:50:54 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 09:50:54 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 09:50:53 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 09:50:46 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 09:50:46 ----A---- C:\Windows\system32\packager.dll
2014-10-01 12:07:30 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-01 12:07:30 ----A---- C:\Windows\system32\qdvd.dll
2014-09-28 14:07:28 ----RD---- C:\Program Files (x86)\Skype
2014-09-26 15:58:08 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-26 15:58:08 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 month======
2014-10-23 18:21:04 ----D---- C:\Windows\Temp
2014-10-23 18:21:01 ----D---- C:\Program Files
2014-10-23 18:18:23 ----RD---- C:\Program Files (x86)
2014-10-23 18:18:21 ----D---- C:\Windows\Prefetch
2014-10-23 18:11:14 ----D---- C:\Windows\SysWOW64
2014-10-23 18:11:14 ----D---- C:\Windows
2014-10-23 18:11:14 ----D---- C:\Program Files (x86)\Common Files
2014-10-23 18:11:09 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-23 18:11:06 ----RSD---- C:\Windows\Fonts
2014-10-23 18:11:06 ----D---- C:\Windows\Help
2014-10-23 18:08:16 ----D---- C:\Users\Eamon\AppData\Roaming\uTorrent
2014-10-23 18:08:16 ----D---- C:\Users\Eamon\AppData\Roaming\DAEMON Tools Lite
2014-10-23 18:08:07 ----D---- C:\Windows\inf
2014-10-23 18:04:26 ----D---- C:\Program Files\CCleaner
2014-10-23 11:02:13 ----D---- C:\Windows\system32\config
2014-10-23 10:45:07 ----D---- C:\Program Files\SUPERAntiSpyware
2014-10-23 10:43:10 ----D---- C:\ProgramData\NVIDIA
2014-10-22 22:15:49 ----D---- C:\Users\Eamon\AppData\Roaming\Skype
2014-10-22 18:35:57 ----SHD---- C:\System Volume Information
2014-10-21 15:02:26 ----D---- C:\Windows\System32
2014-10-21 15:02:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-21 13:51:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-21 13:50:23 ----D---- C:\Windows\Tasks
2014-10-21 13:50:23 ----D---- C:\Windows\system32\Tasks
2014-10-21 13:48:40 ----SHD---- C:\Windows\Installer
2014-10-20 18:19:49 ----HD---- C:\ProgramData
2014-10-20 18:06:32 ----D---- C:\Games
2014-10-20 15:45:23 ----D---- C:\Windows\system32\drivers
2014-10-17 19:43:28 ----D---- C:\ProgramData\Oracle
2014-10-17 15:08:40 ----D---- C:\Program Files\Common Files
2014-10-16 22:23:36 ----D---- C:\Windows\winsxs
2014-10-16 17:27:17 ----HD---- C:\Windows\system32\GroupPolicy
2014-10-16 17:27:17 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-10-16 17:16:34 ----D---- C:\Windows\debug
2014-10-16 17:04:33 ----D---- C:\Users\Eamon\AppData\Roaming\Seznam.cz
2014-10-16 14:32:35 ----D---- C:\Windows\rescache
2014-10-16 13:52:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-16 12:39:46 ----D---- C:\Windows\Microsoft.NET
2014-10-16 12:37:11 ----RSD---- C:\Windows\assembly
2014-10-16 12:20:21 ----D---- C:\Windows\system32\catroot2
2014-10-16 12:11:15 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-16 12:11:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 12:11:15 ----D---- C:\Program Files\Windows Media Player
2014-10-16 12:11:15 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 12:11:13 ----D---- C:\Windows\system32\en-US
2014-10-16 12:11:13 ----D---- C:\Windows\system32\Dism
2014-10-16 12:11:13 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 12:11:11 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-16 12:11:11 ----D---- C:\Windows\system32\Boot
2014-10-16 12:11:10 ----SD---- C:\Windows\system32\CompatTel
2014-10-16 12:11:09 ----D---- C:\Program Files\Internet Explorer
2014-10-16 12:11:08 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 22:38:48 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 22:33:12 ----D---- C:\Windows\system32\MRT
2014-10-15 22:27:54 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 09:50:37 ----D---- C:\Windows\system32\catroot
2014-10-05 15:40:56 ----D---- C:\Windows\Logs
2014-10-02 15:53:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-28 14:07:32 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-16 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-07-30 386680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-16 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-16 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-02 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-16 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-16 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-16 92008]
R3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys [2011-03-30 2491392]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-08-07 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-08-07 88832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S3 ahj3zvgw;ahj3zvgw; C:\Windows\system32\drivers\ahj3zvgw.sys []
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fet6x64.sys [2009-06-10 47872]
S3 netr28x;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 netr7364;Gigabyte RT73 - ovladač pro bezdrátovou síť pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-08-13 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-16 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1148744]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19439944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-09-13 934216]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-06 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2013-07-06 107832]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-09-13 411968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-21 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-14 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-14 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-15 119408]
S3 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu, pc si dela co chce
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim o kontrolu, pc si dela co chce
Zdravim 
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu, pc si dela co chce
OTL logfile created on: 23.10.2014 18:54:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eamon\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 70,44% Memory free
15,93 Gb Paging File | 13,31 Gb Available in Paging File | 83,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,36 Gb Total Space | 26,34 Gb Free Space | 9,43% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 185,85 Gb Free Space | 79,81% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 228,21 Gb Free Space | 76,56% Space Free | Partition Type: NTFS
Drive G: | 25,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: EAMON-PC | User Name: Eamon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.10.23 18:51:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eamon\Downloads\OTL.exe
PRC - [2014.10.21 13:48:49 | 001,212,832 | ---- | M] (Object Browser) -- C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-6.exe
PRC - [2014.10.19 00:07:30 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.09.17 04:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.09.13 22:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.07.31 15:44:52 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.16 15:44:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.03.04 11:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2013.07.06 12:55:17 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2013.07.06 12:55:00 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2008.07.11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe
========== Modules (No Company Name) ==========
MOD - [2014.10.21 13:48:49 | 000,139,168 | ---- | M] () -- C:\Program Files (x86)\Senses\8d530ec7-bf35-43d6-bd2f-dc57dad62877.dll
MOD - [2014.10.10 04:04:04 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
MOD - [2014.10.10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014.10.10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014.10.10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014.10.10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014.07.16 15:44:35 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.16 15:44:33 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013.04.29 11:54:54 | 001,663,000 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
MOD - [2013.04.22 12:47:54 | 000,541,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\postak3.dll
MOD - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\18385libfoxloader.dll
MOD - [2013.03.25 16:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2008.07.11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe
========== Services (SafeList) ==========
SRV:64bit: - [2014.09.19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.09.17 04:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014.09.17 04:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.08.13 18:49:09 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2014.07.16 15:44:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.10.21 13:51:05 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.09.13 22:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.08.15 18:10:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.07.06 12:55:17 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2013.07.06 12:55:00 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008.10.20 21:18:26 | 000,071,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.09.17 06:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014.09.17 04:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.09.04 21:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.08.02 15:21:12 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.07.30 12:42:23 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014.07.16 15:44:53 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.16 15:44:38 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.07.16 15:44:38 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.16 15:44:38 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.07.16 15:44:38 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.07.16 15:44:38 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.16 15:44:38 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.16 15:44:38 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2013.04.10 11:09:24 | 000,849,992 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.08.28 14:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.08.07 15:09:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.08.07 15:09:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.03.30 12:16:32 | 002,491,392 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:35:58 | 000,047,872 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fet6x64.sys -- (FETNDIS)
DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes,DefaultScope = {15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{52AE174B-A5EB-4CDA-B85D-42F0BD5B190A}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{87D854F8-2170-4ECA-9DCC-82F2ACAB4030}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{9AD5D1E8-8522-4F87-80E5-68E839780E4F}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{AAAD57E5-F909-45EC-A89B-778D4A40A05E}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{AB4AB3B2-8603-46E5-A2AF-DC15AFFD41E1}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{D455EE11-1273-4605-840A-504957543C4D}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{D9CFDB88-9CC7-4618-9FCA-34363CD1A66D}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{E8F316CD-9869-463C-B146-06B7E8D1BCC5}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{F14B1102-1C65-4B44-B033-F00DB48E86F4}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "mystartsearch"
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.16 15:44:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default\extensions\faststartff@gmail.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014.01.25 16:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eamon\AppData\Roaming\Mozilla\Extensions
[2014.10.23 18:01:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default\extensions
[2014.08.15 18:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.08.15 18:10:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Senses) - {11111111-1111-1111-1111-110611191115} - C:\Program Files (x86)\Senses\Senses-bho64.dll (Object Browser)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Senses) - {11111111-1111-1111-1111-110611191115} - C:\Program Files (x86)\Senses\Senses-bho.dll (Object Browser)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [Cmaudio8768GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8768GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{730F6FE2-F745-4C1A-A319-0608BAAAEC3B}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.10.16 19:12:34 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.12.12 00:00:00 | 000,000,041 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{166ebc0e-1a32-11e4-92c7-94de802fa095}\Shell - "" = AutoRun
O33 - MountPoints2\{166ebc0e-1a32-11e4-92c7-94de802fa095}\Shell\AutoRun\command - "" = G:\setup.exe -- [1999.12.12 00:00:00 | 000,644,175 | R--- | M] (CODEX )
O33 - MountPoints2\{63d20e26-8419-11e3-8dc2-94de802fa095}\Shell - "" = AutoRun
O33 - MountPoints2\{63d20e26-8419-11e3-8dc2-94de802fa095}\Shell\AutoRun\command - "" = H:\DPFMate350.exe
O33 - MountPoints2\{b83f1306-511d-11e4-8c38-94de802fa095}\Shell - "" = AutoRun
O33 - MountPoints2\{b83f1306-511d-11e4-8c38-94de802fa095}\Shell\AutoRun\command - "" = I:\DPFMate350.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.10.23 18:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.10.23 18:21:01 | 000,000,000 | ---D | C] -- C:\rsit
[2014.10.23 18:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegAuditor
[2014.10.23 18:18:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nsasoft
[2014.10.22 19:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ryse Son of Rome
[2014.10.22 18:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ryse Son of Rome
[2014.10.21 13:49:18 | 001,464,224 | ---- | C] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\QTOI.exe
[2014.10.21 13:48:35 | 001,943,456 | ---- | C] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\SYTVHF.exe
[2014.10.21 13:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Senses
[2014.10.20 18:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2014.10.20 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Eamon\AppData\Local\SKIDROW
[2014.10.20 15:26:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2014.10.17 19:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.10.17 19:43:15 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.10.17 19:43:10 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.10.17 19:43:10 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.10.17 19:43:10 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.10.17 19:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.10.17 19:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.10.17 13:22:38 | 000,000,000 | ---D | C] -- C:\Users\Eamon\AppData\Roaming\LavasoftStatistics
[2014.10.16 19:12:17 | 000,000,000 | ---D | C] -- C:\Users\Eamon\Start Menu
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2014.10.23 18:55:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.23 18:48:00 | 000,004,464 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.23 18:21:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.10.23 18:18:23 | 000,001,153 | ---- | M] () -- C:\Users\Eamon\Desktop\RegAuditor.lnk
[2014.10.23 18:12:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.10.23 18:04:27 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.10.23 13:49:36 | 000,004,464 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.23 13:49:04 | 000,001,334 | ---- | M] () -- C:\Windows\tasks\QTOI.job
[2014.10.23 13:49:00 | 000,003,750 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.23 13:48:07 | 000,003,784 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.23 13:48:03 | 000,005,490 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.23 13:48:03 | 000,001,338 | ---- | M] () -- C:\Windows\tasks\SYTVHF.job
[2014.10.23 13:48:01 | 000,004,128 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.23 10:50:54 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.23 10:50:54 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.23 10:43:38 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.10.23 10:43:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.10.23 10:43:03 | 2118,815,743 | -HS- | M] () -- C:\hiberfil.sys
[2014.10.22 19:09:06 | 000,001,157 | ---- | M] () -- C:\Users\Eamon\Desktop\Ryse Son of Rome.lnk
[2014.10.21 15:02:26 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.10.21 15:02:26 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.10.21 15:02:26 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.10.21 15:02:26 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.10.21 15:02:26 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.10.21 13:51:04 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.10.21 13:51:04 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.10.21 13:49:18 | 001,464,224 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\QTOI.exe
[2014.10.21 13:48:35 | 001,943,456 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\SYTVHF.exe
[2014.10.20 18:18:54 | 000,001,653 | ---- | M] () -- C:\Users\Eamon\Desktop\Play F1 2013.lnk
[2014.10.17 19:43:01 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.10.17 19:42:58 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.10.17 19:42:58 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.10.17 19:42:58 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.10.16 19:12:34 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.10.23 18:55:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.23 18:18:23 | 000,001,153 | ---- | C] () -- C:\Users\Eamon\Desktop\RegAuditor.lnk
[2014.10.22 19:09:06 | 000,001,157 | ---- | C] () -- C:\Users\Eamon\Desktop\Ryse Son of Rome.lnk
[2014.10.21 13:49:46 | 000,002,760 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
[2014.10.21 13:49:38 | 000,002,760 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.21 13:49:21 | 000,003,750 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.21 13:49:19 | 000,001,334 | ---- | C] () -- C:\Windows\tasks\QTOI.job
[2014.10.21 13:49:00 | 000,004,464 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.21 13:48:46 | 000,004,464 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.21 13:48:43 | 000,004,128 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.21 13:48:37 | 000,005,490 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.21 13:48:36 | 000,001,338 | ---- | C] () -- C:\Windows\tasks\SYTVHF.job
[2014.10.21 13:48:30 | 000,003,784 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.20 18:18:54 | 000,001,653 | ---- | C] () -- C:\Users\Eamon\Desktop\Play F1 2013.lnk
[2014.10.16 19:12:34 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014.09.01 10:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Eamon\AppData\Roaming\QTOI
[2014.09.01 10:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Eamon\AppData\Roaming\SYTVHF
[2014.02.11 15:10:35 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013.11.16 15:02:41 | 000,302,592 | ---- | C] () -- C:\Windows\mauninst.exe
[2013.07.06 12:55:09 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.07.06 12:54:59 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.07.06 12:54:59 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.07.04 15:12:11 | 000,000,000 | ---- | C] () -- C:\Users\Eamon\regbcm
[2013.07.02 12:34:54 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.07.01 18:28:18 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2013.07.01 18:28:18 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll
[2013.07.01 18:28:17 | 000,000,317 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2013.07.01 18:27:27 | 000,003,518 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2013.07.01 18:27:27 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2013.07.01 18:27:27 | 000,000,211 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2013.07.01 17:59:30 | 001,559,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eamon\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 70,44% Memory free
15,93 Gb Paging File | 13,31 Gb Available in Paging File | 83,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,36 Gb Total Space | 26,34 Gb Free Space | 9,43% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 185,85 Gb Free Space | 79,81% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 228,21 Gb Free Space | 76,56% Space Free | Partition Type: NTFS
Drive G: | 25,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: EAMON-PC | User Name: Eamon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2014.10.23 18:51:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eamon\Downloads\OTL.exe
PRC - [2014.10.21 13:48:49 | 001,212,832 | ---- | M] (Object Browser) -- C:\Program Files (x86)\Senses\1b58c730-65b5-4e0d-a515-021b356a0503-6.exe
PRC - [2014.10.19 00:07:30 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.09.17 04:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.09.13 22:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.07.31 15:44:52 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.16 15:44:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.03.04 11:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2013.07.06 12:55:17 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2013.07.06 12:55:00 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2008.07.11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe
========== Modules (No Company Name) ==========
MOD - [2014.10.21 13:48:49 | 000,139,168 | ---- | M] () -- C:\Program Files (x86)\Senses\8d530ec7-bf35-43d6-bd2f-dc57dad62877.dll
MOD - [2014.10.10 04:04:04 | 014,902,600 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll
MOD - [2014.10.10 04:04:02 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
MOD - [2014.10.10 04:03:56 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
MOD - [2014.10.10 04:03:54 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
MOD - [2014.10.10 04:03:53 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
MOD - [2014.07.16 15:44:35 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.16 15:44:33 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013.04.29 11:54:54 | 001,663,000 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
MOD - [2013.04.22 12:47:54 | 000,541,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\postak3.dll
MOD - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\18385libfoxloader.dll
MOD - [2013.03.25 16:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2008.07.11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe
========== Services (SafeList) ==========
SRV:64bit: - [2014.09.19 03:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.09.17 04:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014.09.17 04:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.08.13 18:49:09 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2014.07.16 15:44:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.10.21 13:51:05 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.09.17 04:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.09.13 22:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.09.12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.08.15 18:10:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.07.06 12:55:17 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2013.07.06 12:55:00 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008.10.20 21:18:26 | 000,071,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.09.17 06:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014.09.17 04:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.09.04 21:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.08.02 15:21:12 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.07.30 12:42:23 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014.07.16 15:44:53 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.16 15:44:38 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.07.16 15:44:38 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.16 15:44:38 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.07.16 15:44:38 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.07.16 15:44:38 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.16 15:44:38 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.16 15:44:38 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2013.04.10 11:09:24 | 000,849,992 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.08.28 14:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.08.07 15:09:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.08.07 15:09:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.03.30 12:16:32 | 002,491,392 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:35:58 | 000,047,872 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fet6x64.sys -- (FETNDIS)
DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes,DefaultScope = {15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{52AE174B-A5EB-4CDA-B85D-42F0BD5B190A}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{87D854F8-2170-4ECA-9DCC-82F2ACAB4030}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{9AD5D1E8-8522-4F87-80E5-68E839780E4F}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{AAAD57E5-F909-45EC-A89B-778D4A40A05E}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{AB4AB3B2-8603-46E5-A2AF-DC15AFFD41E1}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{D455EE11-1273-4605-840A-504957543C4D}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{D9CFDB88-9CC7-4618-9FCA-34363CD1A66D}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{E8F316CD-9869-463C-B146-06B7E8D1BCC5}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..\SearchScopes\{F14B1102-1C65-4B44-B033-F00DB48E86F4}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "mystartsearch"
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.16 15:44:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default\extensions\faststartff@gmail.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014.01.25 16:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eamon\AppData\Roaming\Mozilla\Extensions
[2014.10.23 18:01:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default\extensions
[2014.08.15 18:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.08.15 18:10:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: No name found = C:\Users\Eamon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Senses) - {11111111-1111-1111-1111-110611191115} - C:\Program Files (x86)\Senses\Senses-bho64.dll (Object Browser)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Senses) - {11111111-1111-1111-1111-110611191115} - C:\Program Files (x86)\Senses\Senses-bho.dll (Object Browser)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [Cmaudio8768GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8768GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-365329572-2436669202-1961577668-1000\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{730F6FE2-F745-4C1A-A319-0608BAAAEC3B}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.10.16 19:12:34 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.12.12 00:00:00 | 000,000,041 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{166ebc0e-1a32-11e4-92c7-94de802fa095}\Shell - "" = AutoRun
O33 - MountPoints2\{166ebc0e-1a32-11e4-92c7-94de802fa095}\Shell\AutoRun\command - "" = G:\setup.exe -- [1999.12.12 00:00:00 | 000,644,175 | R--- | M] (CODEX )
O33 - MountPoints2\{63d20e26-8419-11e3-8dc2-94de802fa095}\Shell - "" = AutoRun
O33 - MountPoints2\{63d20e26-8419-11e3-8dc2-94de802fa095}\Shell\AutoRun\command - "" = H:\DPFMate350.exe
O33 - MountPoints2\{b83f1306-511d-11e4-8c38-94de802fa095}\Shell - "" = AutoRun
O33 - MountPoints2\{b83f1306-511d-11e4-8c38-94de802fa095}\Shell\AutoRun\command - "" = I:\DPFMate350.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2014.10.23 18:21:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.10.23 18:21:01 | 000,000,000 | ---D | C] -- C:\rsit
[2014.10.23 18:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegAuditor
[2014.10.23 18:18:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nsasoft
[2014.10.22 19:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ryse Son of Rome
[2014.10.22 18:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ryse Son of Rome
[2014.10.21 13:49:18 | 001,464,224 | ---- | C] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\QTOI.exe
[2014.10.21 13:48:35 | 001,943,456 | ---- | C] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\SYTVHF.exe
[2014.10.21 13:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Senses
[2014.10.20 18:19:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2014.10.20 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Eamon\AppData\Local\SKIDROW
[2014.10.20 15:26:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2014.10.17 19:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.10.17 19:43:15 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.10.17 19:43:10 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.10.17 19:43:10 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.10.17 19:43:10 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.10.17 19:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.10.17 19:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.10.17 13:22:38 | 000,000,000 | ---D | C] -- C:\Users\Eamon\AppData\Roaming\LavasoftStatistics
[2014.10.16 19:12:17 | 000,000,000 | ---D | C] -- C:\Users\Eamon\Start Menu
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2014.10.23 18:55:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.23 18:48:00 | 000,004,464 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.23 18:21:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.10.23 18:18:23 | 000,001,153 | ---- | M] () -- C:\Users\Eamon\Desktop\RegAuditor.lnk
[2014.10.23 18:12:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.10.23 18:04:27 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.10.23 13:49:36 | 000,004,464 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.23 13:49:04 | 000,001,334 | ---- | M] () -- C:\Windows\tasks\QTOI.job
[2014.10.23 13:49:00 | 000,003,750 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.23 13:48:07 | 000,003,784 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.23 13:48:03 | 000,005,490 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.23 13:48:03 | 000,001,338 | ---- | M] () -- C:\Windows\tasks\SYTVHF.job
[2014.10.23 13:48:01 | 000,004,128 | ---- | M] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.23 10:50:54 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.10.23 10:50:54 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.10.23 10:43:38 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.10.23 10:43:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.10.23 10:43:03 | 2118,815,743 | -HS- | M] () -- C:\hiberfil.sys
[2014.10.22 19:09:06 | 000,001,157 | ---- | M] () -- C:\Users\Eamon\Desktop\Ryse Son of Rome.lnk
[2014.10.21 15:02:26 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.10.21 15:02:26 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.10.21 15:02:26 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.10.21 15:02:26 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.10.21 15:02:26 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.10.21 13:51:04 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.10.21 13:51:04 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.10.21 13:49:18 | 001,464,224 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\QTOI.exe
[2014.10.21 13:48:35 | 001,943,456 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\SYTVHF.exe
[2014.10.20 18:18:54 | 000,001,653 | ---- | M] () -- C:\Users\Eamon\Desktop\Play F1 2013.lnk
[2014.10.17 19:43:01 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.10.17 19:42:58 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.10.17 19:42:58 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.10.17 19:42:58 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.10.16 19:12:34 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.10.23 18:55:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.23 18:18:23 | 000,001,153 | ---- | C] () -- C:\Users\Eamon\Desktop\RegAuditor.lnk
[2014.10.22 19:09:06 | 000,001,157 | ---- | C] () -- C:\Users\Eamon\Desktop\Ryse Son of Rome.lnk
[2014.10.21 13:49:46 | 000,002,760 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
[2014.10.21 13:49:38 | 000,002,760 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.21 13:49:21 | 000,003,750 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.21 13:49:19 | 000,001,334 | ---- | C] () -- C:\Windows\tasks\QTOI.job
[2014.10.21 13:49:00 | 000,004,464 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.21 13:48:46 | 000,004,464 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.21 13:48:43 | 000,004,128 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.21 13:48:37 | 000,005,490 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.21 13:48:36 | 000,001,338 | ---- | C] () -- C:\Windows\tasks\SYTVHF.job
[2014.10.21 13:48:30 | 000,003,784 | ---- | C] () -- C:\Windows\tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.20 18:18:54 | 000,001,653 | ---- | C] () -- C:\Users\Eamon\Desktop\Play F1 2013.lnk
[2014.10.16 19:12:34 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014.09.01 10:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Eamon\AppData\Roaming\QTOI
[2014.09.01 10:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Eamon\AppData\Roaming\SYTVHF
[2014.02.11 15:10:35 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013.11.16 15:02:41 | 000,302,592 | ---- | C] () -- C:\Windows\mauninst.exe
[2013.07.06 12:55:09 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.07.06 12:54:59 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.07.06 12:54:59 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.07.04 15:12:11 | 000,000,000 | ---- | C] () -- C:\Users\Eamon\regbcm
[2013.07.02 12:34:54 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.07.01 18:28:18 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2013.07.01 18:28:18 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll
[2013.07.01 18:28:17 | 000,000,317 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2013.07.01 18:27:27 | 000,003,518 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2013.07.01 18:27:27 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2013.07.01 18:27:27 | 000,000,211 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2013.07.01 17:59:30 | 001,559,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
Re: Prosim o kontrolu, pc si dela co chce
[2013.12.03 20:32:37 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\AVAST Software
[2014.03.06 15:55:15 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer
[2013.07.01 18:28:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer Pro
[2013.09.28 18:52:54 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Canneverbe_Limited
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Dropbox
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DropboxMaster
[2014.10.16 17:49:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Frogwares
[2013.10.31 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Mumble
[2014.10.16 17:04:33 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Seznam.cz
[2014.10.16 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Steam
[2013.07.06 18:32:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Theta
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\uTorrent
[2013.11.27 14:54:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Wargaming.net
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,556 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.07.01 17:38:03 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.03.14 20:40:21 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.14 20:40:23 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 78f01119-9f6b-4afb-bc17-49905d19aec1.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d6210b91-a7a5-438e-953b-63eeb8b99b17.job
[2014.10.21 13:48:30 | 000,003,784 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.21 13:48:36 | 000,001,338 | ---- | C] () -- C:\Windows\Tasks\SYTVHF.job
[2014.10.21 13:48:37 | 000,005,490 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.21 13:48:43 | 000,004,128 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.21 13:48:46 | 000,004,464 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.21 13:49:00 | 000,004,464 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.21 13:49:19 | 000,001,334 | ---- | C] () -- C:\Windows\Tasks\QTOI.job
[2014.10.21 13:49:21 | 000,003,750 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.21 13:49:38 | 000,002,760 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.21 13:49:46 | 000,002,760 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< >
< %systemroot%*.* /U /s >
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\47bca83565569e2e3b5c20252c0613e6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\47bca83565569e2e3b5c20252c0613e6\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp -> ]
[2 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[2 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\APPLICATION Data\*. >
< %ALLUSERSPROFILE%\APPLICATION Data\*.exe /s >
< %APPDATA%\*. >
[2013.07.04 16:56:01 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Adobe
[2013.12.03 20:32:37 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\AVAST Software
[2014.03.06 15:55:15 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer
[2013.07.01 18:28:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer Pro
[2013.09.28 18:52:54 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Canneverbe_Limited
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Dropbox
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DropboxMaster
[2014.02.17 15:25:40 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\dvdcss
[2014.10.16 17:49:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Frogwares
[2013.07.01 22:33:59 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Identities
[2014.10.17 13:22:38 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\LavasoftStatistics
[2013.07.01 17:38:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Macromedia
[2010.11.21 11:38:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Media Center Programs
[2014.04.05 03:38:40 | 000,000,000 | --SD | M] -- C:\Users\Eamon\AppData\Roaming\Microsoft
[2014.01.25 16:43:55 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Mozilla
[2013.10.31 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Mumble
[2013.07.03 15:06:12 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\NVIDIA
[2013.12.03 18:51:59 | 000,000,000 | RH-D | M] -- C:\Users\Eamon\AppData\Roaming\SecuROM
[2014.10.16 17:04:33 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Seznam.cz
[2014.10.22 22:15:49 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Skype
[2014.10.16 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Steam
[2014.03.18 14:05:51 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\SUPERAntiSpyware.com
[2013.07.06 18:32:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Theta
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\uTorrent
[2014.07.01 16:15:05 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\vlc
[2013.11.27 14:54:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Wargaming.net
[2014.09.06 16:06:39 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Winamp
[2013.07.03 13:06:47 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014.10.21 13:49:18 | 001,464,224 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\QTOI.exe
[2014.10.21 13:48:35 | 001,943,456 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\SYTVHF.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.03.19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eamon\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.03.19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eamon\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eamon\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.22 12:48:46 | 000,047,640 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\postak.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 11:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 13:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
[2014.10.10 12:39:38 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\uTorrent.exe
[2014.04.12 18:27:03 | 001,852,496 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.0_30596.exe
[2014.04.12 18:27:07 | 001,264,984 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.1_30740.exe
[2014.10.09 19:13:57 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.10.10 12:39:38 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.JOB >
[2014.10.23 13:49:00 | 000,003,750 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.23 13:48:03 | 000,005,490 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.23 13:48:07 | 000,003,784 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.23 13:49:36 | 000,004,464 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
[2014.10.23 18:48:00 | 000,004,464 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.23 13:48:01 | 000,004,128 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.23 18:21:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.10.23 10:43:38 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.10.23 19:12:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.10.23 13:49:04 | 000,001,334 | ---- | M] () -- C:\Windows\Tasks\QTOI.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 78f01119-9f6b-4afb-bc17-49905d19aec1.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d6210b91-a7a5-438e-953b-63eeb8b99b17.job
[2014.10.23 13:48:03 | 000,001,338 | ---- | M] () -- C:\Windows\Tasks\SYTVHF.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.10.21 13:51:04 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.10.21 13:51:04 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"cz.seznam.software.autoupdate" = "C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 10:10:22 | 000,092,664 | ---- | M] ()
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2014.10.07 16:07:55 | 007,767,832 | ---- | M] (SUPERAntiSpyware)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2014.03.04 11:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014.09.26 16:04:08 | 006,482,200 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.08.15 18:10:38 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=10F36FB8CD6218CD7F818268E0F3F9C6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.10.07 04:04:46 | 000,812,736 | ---- | M] (Microsoft Corporation) MD5=F9F310F9FB7F294F00ABDD03453D8CEE -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\APPLICATION\chrome.exe /md5 >
[2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) MD5=B53D59915A356B06C1D7DE5B22B4177C -- C:\Program Files (x86)\Google\Chrome\APPLICATION\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.23 18:55:54 | 000,000,512 | ---- | M] () MD5=43DDCC25BD9E563B1BF3075390F48CB1 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2014.02.05 19:41:19 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
[2010.11.09 08:49:48 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\Common\mp_cracked.ff
[2010.11.09 08:49:48 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\English\en_mp_cracked.ff
[2014.01.02 18:53:22 | 000,000,032 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\SKIDROWCRACK.COM.txt
[2014.01.02 18:53:22 | 000,000,113 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\SKIDROWCRACK.COM.url
[2014.01.02 19:21:52 | 000,000,032 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Support\SKIDROWCRACK.COM.txt
[2014.01.02 19:21:52 | 000,000,113 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Support\SKIDROWCRACK.COM.url
< *keygen* /s >
< *loader* /s >
[2013.10.04 00:06:54 | 000,001,924 | ---- | M] () -- \Games\F1\F1 2013\ai\track_statistics_loader.xml
[2013.10.04 00:06:54 | 000,000,115 | ---- | M] () -- \Games\F1\F1 2013\audio\audio_loader.xml
[2013.10.04 00:06:54 | 000,000,342 | ---- | M] () -- \Games\F1\F1 2013\scenes\garage_loader.xml
[2013.10.04 00:06:54 | 000,001,042 | ---- | M] () -- \Games\F1\F1 2013\scenes\paddock_gameloader.xml
[2013.10.04 00:06:54 | 000,000,645 | ---- | M] () -- \Games\F1\F1 2013\scenes\paddock_loader.xml
[2013.10.04 00:06:54 | 000,001,986 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader.xml
[2013.10.04 00:06:54 | 000,001,832 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gaqa.xml
[2013.10.04 00:06:54 | 000,001,830 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gara.xml
[2013.10.04 00:06:54 | 000,001,831 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gate.xml
[2013.10.04 00:06:54 | 000,001,807 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gate_nt.xml
[2013.10.04 00:06:54 | 000,001,832 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gawc.xml
[2013.10.04 00:06:54 | 000,002,060 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_pfqa.xml
[2013.10.04 00:06:54 | 000,002,060 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_pfra.xml
[2013.10.04 00:06:54 | 000,002,058 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_pfwc.xml
[2013.10.04 00:06:54 | 000,000,629 | ---- | M] () -- \Games\F1\F1 2013\scenes\pitstop_loader.xml
[2013.10.04 00:06:54 | 000,000,722 | ---- | M] () -- \Games\F1\F1 2013\scenes\race_marshal_loader.xml
[2013.10.04 00:06:54 | 000,001,587 | ---- | M] () -- \Games\F1\F1 2013\scenes\trackside_garage_loader.xml
[2013.10.04 00:06:54 | 000,001,578 | ---- | M] () -- \Games\F1\F1 2013\scenes\trackside_garage_reloader.xml
[2013.10.04 00:06:54 | 000,000,149 | ---- | M] () -- \Games\F1\F1 2013\system\osd_loader.xml
[2013.06.12 13:05:20 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.06.04 11:31:51 | 000,001,508 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.02.05 19:41:19 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.02.05 19:41:19 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.02.05 19:41:19 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.02.05 19:41:19 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.02.05 19:41:19 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.09.17 13:48:49 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.09.17 13:48:49 | 000,006,833 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.09.17 13:48:49 | 000,003,415 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014.09.17 13:48:49 | 000,007,350 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.02.05 19:41:19 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.09.17 04:14:17 | 001,169,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2014.06.10 16:42:34 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014.06.10 16:42:34 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014.06.10 16:42:30 | 000,070,464 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014.06.10 16:42:30 | 000,085,312 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014.10.21 13:49:32 | 001,062,816 | ---- | M] () -- \Program Files (x86)\Senses\Senses-codedownloader.exe
[2013.01.21 16:03:44 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.11.14 18:57:21 | 000,434,176 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\uplay_r1_loader.dll
[2012.07.12 15:03:08 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2014.07.16 15:44:31 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.07.16 15:44:31 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{381B0D17-0D96-4349-B869-B50D2C147FB6}\ExtensionLoader.dll
[2014.07.30 12:42:42 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,061,770 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,061,770 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.10.07 12:23:01 | 000,012,811 | ---- | M] () -- \Users\Eamon\AppData\Local\Overwolf\InstallerCache\preloader_3337.gif
[2014.07.24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.10.04 08:43:23 | 001,172,288 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ExtensionLoader.dll
[2014.10.04 08:44:03 | 000,897,344 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVDownloader.dll
[2014.10.04 08:41:46 | 000,000,818 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2DownloaderExt.CFG
[2014.10.04 08:41:46 | 000,811,840 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2DownloaderExt.DLL
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\bin\18385libfoxloader-x64.dll
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\bin\18385libfoxloader.dll
[2013.07.01 18:28:55 | 000,000,165 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.04.15 10:11:08 | 000,031,512 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.11.14 18:57:21 | 000,434,176 | ---- | M] () -- \Users\Eamon\Downloads\Assassins Creed IV.Black Flag SPECIAL EDITION crac + cz\ac4.crack.v3+v4\crack v4\uplay_r1_loader.dll
[2014.10.23 13:49:00 | 000,025,106 | ---- | M] () -- \Windows\Prefetch\SENSES-CODEDOWNLOADER.EXE-5A78CD46.pf
[2014.07.08 23:51:48 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_2e996e2009f56895.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_2bc5035c0bcbbd2f.manifest
[2014.07.08 23:51:25 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_d45b30eefae125bd.manifest
[2014.07.08 23:52:01 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_d4b5d954faa9c8f4.manifest
[2014.07.08 23:51:37 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_d4813638fad0ba99.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_739c3ae5efeaacc3.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_7738ac37eda2d0fb.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_bea92c7fd202a017.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6160a27ec4d4b679.manifest
[2014.07.08 23:51:51 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_0386218bb7efc854.manifest
[2014.07.08 23:51:11 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_a6effe40aa608f6a.manifest
[2014.07.08 23:51:17 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_8f827f758285bb26.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_8dc1cab383b1c4fb.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_d3fe253568d432af.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_d6520fd9675dc693.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_d733df4566cd366f.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_1dd6f1094baec49b.manifest
[2014.07.08 23:51:26 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_b9d1db7e42d7cef6.manifest
[2014.07.08 23:51:38 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_62df25c53193d0e7.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_343c43c2e1cba306.manifest
[2014.07.08 23:51:18 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_32e73c50e2a71596.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_38388118df3c7f76.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_2f183ce5231b2177.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_2c43d22124f17611.manifest
[2014.07.08 23:51:21 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_d4d9ffb41406de9f.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_d534a81a13cf81d6.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_d50004fe13f6737b.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_741b09ab091065a5.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_77b77afd06c889dd.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_bf27fb44eb2858f9.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_61df7143ddfa6f5b.manifest
[2014.07.08 23:51:54 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_0404f050d1158136.manifest
[2014.07.08 23:51:36 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_a76ecd05c386484c.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_90014e3a9bab7408.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_8e4099789cd77ddd.manifest
[2014.07.08 23:52:00 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_d47cf3fa81f9eb91.manifest
[2014.07.08 23:51:49 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_d6d0de9e80837f75.manifest
[2014.07.08 23:52:02 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_d7b2ae0a7ff2ef51.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_1e55bfce64d47d7d.manifest
[2014.07.08 23:51:29 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_ba50aa435bfd87d8.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_635df48a4ab989c9.manifest
[2014.07.08 23:51:34 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_34bb1287faf15be8.manifest
[2014.07.08 23:51:42 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_33660b15fbccce78.manifest
[2014.07.08 23:51:10 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_38b74fddf8623858.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_9f5264e54ecc21f2.manifest
[2014.07.08 23:51:14 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_3c8c450c45121df1.manifest
[2014.07.08 23:51:52 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_39b7da4846e8728b.manifest
[2014.07.08 23:52:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_e24e07db35fddb19.manifest
[2014.07.08 23:51:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_e2a8b04135c67e50.manifest
[2014.07.08 23:51:24 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_e2740d2535ed6ff5.manifest
[2014.07.08 23:51:45 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_818f11d22b07621f.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_852b832428bf8657.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_cc9c036c0d1f5573.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6f53796afff16bd5.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_1178f877f30c7db0.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_b4e2d52ce57d44c6.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_9d755661bda27082.manifest
[2014.07.08 23:52:02 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_9bb4a19fbece7a57.manifest
[2014.07.08 23:51:42 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_e1f0fc21a3f0e80b.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_e444e6c5a27a7bef.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_e526b631a1e9ebcb.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_2bc9c7f586cb79f7.manifest
[2014.07.08 23:51:34 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_c7c4b26a7df48452.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_70d1fcb16cb08643.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_422f1aaf1ce85862.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_40da133d1dc3caf2.manifest
[2014.07.08 23:51:19 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_462b58051a5934d2.manifest
[2014.07.08 23:51:06 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_9fd133aa67f1dad4.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_3d0b13d15e37d6d3.manifest
[2014.07.08 23:51:07 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_3a36a90d600e2b6d.manifest
[2014.07.08 23:51:50 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_e2ccd6a04f2393fb.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_e3277f064eec3732.manifest
[2014.07.08 23:51:49 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_e2f2dbea4f1328d7.manifest
[2014.07.08 23:51:40 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_820de097442d1b01.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_85aa51e941e53f39.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_cd1ad23126450e55.manifest
[2014.07.08 23:51:56 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_6fd24830191724b7.manifest
[2014.07.08 23:51:55 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_11f7c73d0c323692.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_b561a3f1fea2fda8.manifest
[2014.07.08 23:51:47 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_9df42526d6c82964.manifest
[2014.07.08 23:51:12 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_9c337064d7f43339.manifest
[2014.07.08 23:52:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_e26fcae6bd16a0ed.manifest
[2014.07.08 23:51:54 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_e4c3b58abba034d1.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_e5a584f6bb0fa4ad.manifest
[2014.07.08 23:51:29 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_2c4896ba9ff132d9.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_c843812f971a3d34.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_7150cb7685d63f25.manifest
[2014.07.08 23:51:11 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_42ade974360e1144.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_4158e20236e983d4.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_46aa26ca337eedb4.manifest
[2014.08.19 05:35:52 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_9dd39e01816788fc.manifest
[2014.08.19 05:26:54 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_9e4e6b9e9a90dc82.manifest
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.15 22:36:29 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.10.15 22:36:30 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.efi.mui_35ee487d
[2014.10.15 22:36:30 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.exe.mui_3bc5b827
[2014.10.15 22:36:30 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.efi.mui_f412814e
[2014.10.15 22:36:30 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.exe.mui_ff8b5358
[2014.10.15 22:36:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2014.10.15 22:36:30 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.efi_75834aa0
[2014.10.15 22:36:30 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.exe_75835076
[2014.10.15 22:36:30 | 000,616,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.efi_85cd069f
[2014.10.15 22:36:30 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_91de5cbe2cd52578.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.08.19 05:35:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.08.19 05:26:49 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_b98696ee9ca07f56.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879
< End of report >
[2014.03.06 15:55:15 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer
[2013.07.01 18:28:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer Pro
[2013.09.28 18:52:54 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Canneverbe_Limited
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Dropbox
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DropboxMaster
[2014.10.16 17:49:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Frogwares
[2013.10.31 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Mumble
[2014.10.16 17:04:33 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Seznam.cz
[2014.10.16 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Steam
[2013.07.06 18:32:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Theta
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\uTorrent
[2013.11.27 14:54:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Wargaming.net
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,556 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.07.01 17:38:03 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.03.14 20:40:21 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.14 20:40:23 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 78f01119-9f6b-4afb-bc17-49905d19aec1.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d6210b91-a7a5-438e-953b-63eeb8b99b17.job
[2014.10.21 13:48:30 | 000,003,784 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.21 13:48:36 | 000,001,338 | ---- | C] () -- C:\Windows\Tasks\SYTVHF.job
[2014.10.21 13:48:37 | 000,005,490 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.21 13:48:43 | 000,004,128 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.21 13:48:46 | 000,004,464 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.21 13:49:00 | 000,004,464 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.21 13:49:19 | 000,001,334 | ---- | C] () -- C:\Windows\Tasks\QTOI.job
[2014.10.21 13:49:21 | 000,003,750 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.21 13:49:38 | 000,002,760 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.21 13:49:46 | 000,002,760 | ---- | C] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< >
< %systemroot%*.* /U /s >
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\47bca83565569e2e3b5c20252c0613e6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\47bca83565569e2e3b5c20252c0613e6\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[2 C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp -> ]
[2 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[2 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\APPLICATION Data\*. >
< %ALLUSERSPROFILE%\APPLICATION Data\*.exe /s >
< %APPDATA%\*. >
[2013.07.04 16:56:01 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Adobe
[2013.12.03 20:32:37 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\AVAST Software
[2014.03.06 15:55:15 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer
[2013.07.01 18:28:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\BSplayer Pro
[2013.09.28 18:52:54 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Canneverbe_Limited
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Dropbox
[2014.04.11 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\DropboxMaster
[2014.02.17 15:25:40 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\dvdcss
[2014.10.16 17:49:43 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Frogwares
[2013.07.01 22:33:59 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Identities
[2014.10.17 13:22:38 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\LavasoftStatistics
[2013.07.01 17:38:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Macromedia
[2010.11.21 11:38:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Media Center Programs
[2014.04.05 03:38:40 | 000,000,000 | --SD | M] -- C:\Users\Eamon\AppData\Roaming\Microsoft
[2014.01.25 16:43:55 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Mozilla
[2013.10.31 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Mumble
[2013.07.03 15:06:12 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\NVIDIA
[2013.12.03 18:51:59 | 000,000,000 | RH-D | M] -- C:\Users\Eamon\AppData\Roaming\SecuROM
[2014.10.16 17:04:33 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Seznam.cz
[2014.10.22 22:15:49 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Skype
[2014.10.16 16:33:57 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Steam
[2014.03.18 14:05:51 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\SUPERAntiSpyware.com
[2013.07.06 18:32:07 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Theta
[2014.10.23 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\uTorrent
[2014.07.01 16:15:05 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\vlc
[2013.11.27 14:54:48 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Wargaming.net
[2014.09.06 16:06:39 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\Winamp
[2013.07.03 13:06:47 | 000,000,000 | ---D | M] -- C:\Users\Eamon\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2014.10.21 13:49:18 | 001,464,224 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\QTOI.exe
[2014.10.21 13:48:35 | 001,943,456 | ---- | M] (Object Browser) -- C:\Users\Eamon\AppData\Roaming\SYTVHF.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.03.19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eamon\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.03.19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eamon\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Eamon\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.22 12:48:46 | 000,047,640 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\postak.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 11:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 13:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Eamon\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
[2014.10.10 12:39:38 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\uTorrent.exe
[2014.04.12 18:27:03 | 001,852,496 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.0_30596.exe
[2014.04.12 18:27:07 | 001,264,984 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.1_30740.exe
[2014.10.09 19:13:57 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.10.10 12:39:38 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Eamon\AppData\Roaming\uTorrent\updates\3.4.2_34309.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.JOB >
[2014.10.23 13:49:00 | 000,003,750 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-1.job
[2014.10.23 13:48:03 | 000,005,490 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-11.job
[2014.10.23 13:48:07 | 000,003,784 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-3.job
[2014.10.23 13:49:36 | 000,004,464 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-4.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5.job
[2014.10.23 13:49:00 | 000,002,760 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-5_user.job
[2014.10.23 18:48:00 | 000,004,464 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-6.job
[2014.10.23 13:48:01 | 000,004,128 | ---- | M] () -- C:\Windows\Tasks\1b58c730-65b5-4e0d-a515-021b356a0503-7.job
[2014.10.23 18:21:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.10.23 10:43:38 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.10.23 19:12:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014.10.23 13:49:04 | 000,001,334 | ---- | M] () -- C:\Windows\Tasks\QTOI.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 78f01119-9f6b-4afb-bc17-49905d19aec1.job
[2014.03.18 14:05:57 | 000,000,510 | ---- | M] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d6210b91-a7a5-438e-953b-63eeb8b99b17.job
[2014.10.23 13:48:03 | 000,001,338 | ---- | M] () -- C:\Windows\Tasks\SYTVHF.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.10.21 13:51:04 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014.10.21 13:51:04 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"cz.seznam.software.autoupdate" = "C:\Users\Eamon\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Eamon\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 10:10:22 | 000,092,664 | ---- | M] ()
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2014.10.07 16:07:55 | 007,767,832 | ---- | M] (SUPERAntiSpyware)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2014.03.04 11:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014.09.26 16:04:08 | 006,482,200 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2014.08.15 18:10:38 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=10F36FB8CD6218CD7F818268E0F3F9C6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.10.07 04:04:46 | 000,812,736 | ---- | M] (Microsoft Corporation) MD5=F9F310F9FB7F294F00ABDD03453D8CEE -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\APPLICATION\chrome.exe /md5 >
[2014.10.10 04:04:06 | 000,854,344 | ---- | M] (Google Inc.) MD5=B53D59915A356B06C1D7DE5B22B4177C -- C:\Program Files (x86)\Google\Chrome\APPLICATION\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.23 18:55:54 | 000,000,512 | ---- | M] () MD5=43DDCC25BD9E563B1BF3075390F48CB1 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]
< >
< *crack* /s >
[2014.02.05 19:41:19 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
[2010.11.09 08:49:48 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\Common\mp_cracked.ff
[2010.11.09 08:49:48 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Activision\Call of Duty - Black Ops\zone\English\en_mp_cracked.ff
[2014.01.02 18:53:22 | 000,000,032 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\SKIDROWCRACK.COM.txt
[2014.01.02 18:53:22 | 000,000,113 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\SKIDROWCRACK.COM.url
[2014.01.02 19:21:52 | 000,000,032 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Support\SKIDROWCRACK.COM.txt
[2014.01.02 19:21:52 | 000,000,113 | R--- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Support\SKIDROWCRACK.COM.url
< *keygen* /s >
< *loader* /s >
[2013.10.04 00:06:54 | 000,001,924 | ---- | M] () -- \Games\F1\F1 2013\ai\track_statistics_loader.xml
[2013.10.04 00:06:54 | 000,000,115 | ---- | M] () -- \Games\F1\F1 2013\audio\audio_loader.xml
[2013.10.04 00:06:54 | 000,000,342 | ---- | M] () -- \Games\F1\F1 2013\scenes\garage_loader.xml
[2013.10.04 00:06:54 | 000,001,042 | ---- | M] () -- \Games\F1\F1 2013\scenes\paddock_gameloader.xml
[2013.10.04 00:06:54 | 000,000,645 | ---- | M] () -- \Games\F1\F1 2013\scenes\paddock_loader.xml
[2013.10.04 00:06:54 | 000,001,986 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader.xml
[2013.10.04 00:06:54 | 000,001,832 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gaqa.xml
[2013.10.04 00:06:54 | 000,001,830 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gara.xml
[2013.10.04 00:06:54 | 000,001,831 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gate.xml
[2013.10.04 00:06:54 | 000,001,807 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gate_nt.xml
[2013.10.04 00:06:54 | 000,001,832 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_gawc.xml
[2013.10.04 00:06:54 | 000,002,060 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_pfqa.xml
[2013.10.04 00:06:54 | 000,002,060 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_pfra.xml
[2013.10.04 00:06:54 | 000,002,058 | ---- | M] () -- \Games\F1\F1 2013\scenes\parcferme_loader_pfwc.xml
[2013.10.04 00:06:54 | 000,000,629 | ---- | M] () -- \Games\F1\F1 2013\scenes\pitstop_loader.xml
[2013.10.04 00:06:54 | 000,000,722 | ---- | M] () -- \Games\F1\F1 2013\scenes\race_marshal_loader.xml
[2013.10.04 00:06:54 | 000,001,587 | ---- | M] () -- \Games\F1\F1 2013\scenes\trackside_garage_loader.xml
[2013.10.04 00:06:54 | 000,001,578 | ---- | M] () -- \Games\F1\F1 2013\scenes\trackside_garage_reloader.xml
[2013.10.04 00:06:54 | 000,000,149 | ---- | M] () -- \Games\F1\F1 2013\system\osd_loader.xml
[2013.06.12 13:05:20 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.06.04 11:31:51 | 000,001,508 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.02.05 19:41:19 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.02.05 19:41:19 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.02.05 19:41:19 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.02.05 19:41:19 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.02.05 19:41:19 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.09.17 13:48:49 | 000,001,502 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.09.17 13:48:49 | 000,006,833 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.09.17 13:48:49 | 000,003,415 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2014.09.17 13:48:49 | 000,007,350 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.02.05 19:41:19 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.09.17 04:14:17 | 001,169,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2014.06.10 16:42:34 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014.06.10 16:42:34 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014.06.10 16:42:30 | 000,070,464 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014.06.10 16:42:30 | 000,085,312 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014.10.21 13:49:32 | 001,062,816 | ---- | M] () -- \Program Files (x86)\Senses\Senses-codedownloader.exe
[2013.01.21 16:03:44 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.11.14 18:57:21 | 000,434,176 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\Assassin's Creed IV Black Flag Gold Edition-SKIDROWCRACK\uplay_r1_loader.dll
[2012.07.12 15:03:08 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2014.07.16 15:44:31 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.07.16 15:44:31 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2013.03.09 08:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.05.16 16:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{381B0D17-0D96-4349-B869-B50D2C147FB6}\ExtensionLoader.dll
[2014.07.30 12:42:42 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,057,728 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,061,770 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2014.07.30 12:42:43 | 000,061,770 | ---- | M] () -- \Users\Eamon\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.10.07 12:23:01 | 000,012,811 | ---- | M] () -- \Users\Eamon\AppData\Local\Overwolf\InstallerCache\preloader_3337.gif
[2014.07.24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.07.24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\loader.png
[2014.07.24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.07.24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.07.24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Eamon\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.10.04 08:43:23 | 001,172,288 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\GFExperience\ExtensionLoader.dll
[2014.10.04 08:44:03 | 000,897,344 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVDownloader.dll
[2014.10.04 08:41:46 | 000,000,818 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2DownloaderExt.CFG
[2014.10.04 08:41:46 | 000,811,840 | ---- | M] () -- \Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\NVI2\NVI2DownloaderExt.DLL
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\bin\18385libfoxloader-x64.dll
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\bin\18385libfoxloader.dll
[2013.07.01 18:28:55 | 000,000,165 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.04.15 10:11:08 | 000,031,512 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Eamon\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.11.14 18:57:21 | 000,434,176 | ---- | M] () -- \Users\Eamon\Downloads\Assassins Creed IV.Black Flag SPECIAL EDITION crac + cz\ac4.crack.v3+v4\crack v4\uplay_r1_loader.dll
[2014.10.23 13:49:00 | 000,025,106 | ---- | M] () -- \Windows\Prefetch\SENSES-CODEDOWNLOADER.EXE-5A78CD46.pf
[2014.07.08 23:51:48 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_2e996e2009f56895.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_2bc5035c0bcbbd2f.manifest
[2014.07.08 23:51:25 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_d45b30eefae125bd.manifest
[2014.07.08 23:52:01 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_d4b5d954faa9c8f4.manifest
[2014.07.08 23:51:37 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_d4813638fad0ba99.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_739c3ae5efeaacc3.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_7738ac37eda2d0fb.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_bea92c7fd202a017.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6160a27ec4d4b679.manifest
[2014.07.08 23:51:51 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_0386218bb7efc854.manifest
[2014.07.08 23:51:11 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_a6effe40aa608f6a.manifest
[2014.07.08 23:51:17 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_8f827f758285bb26.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_8dc1cab383b1c4fb.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_d3fe253568d432af.manifest
[2014.07.08 23:51:31 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_d6520fd9675dc693.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_d733df4566cd366f.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_1dd6f1094baec49b.manifest
[2014.07.08 23:51:26 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_b9d1db7e42d7cef6.manifest
[2014.07.08 23:51:38 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_62df25c53193d0e7.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_343c43c2e1cba306.manifest
[2014.07.08 23:51:18 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_32e73c50e2a71596.manifest
[2014.07.08 23:51:24 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_38388118df3c7f76.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_2f183ce5231b2177.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_2c43d22124f17611.manifest
[2014.07.08 23:51:21 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_d4d9ffb41406de9f.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_d534a81a13cf81d6.manifest
[2014.07.08 23:51:12 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_d50004fe13f6737b.manifest
[2014.07.08 23:51:30 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_741b09ab091065a5.manifest
[2014.07.08 23:51:13 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_77b77afd06c889dd.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_bf27fb44eb2858f9.manifest
[2014.07.08 23:52:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_61df7143ddfa6f5b.manifest
[2014.07.08 23:51:54 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_0404f050d1158136.manifest
[2014.07.08 23:51:36 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_a76ecd05c386484c.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_90014e3a9bab7408.manifest
[2014.07.08 23:51:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_8e4099789cd77ddd.manifest
[2014.07.08 23:52:00 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_d47cf3fa81f9eb91.manifest
[2014.07.08 23:51:49 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_d6d0de9e80837f75.manifest
[2014.07.08 23:52:02 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_d7b2ae0a7ff2ef51.manifest
[2014.07.08 23:51:44 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_1e55bfce64d47d7d.manifest
[2014.07.08 23:51:29 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_ba50aa435bfd87d8.manifest
[2014.07.08 23:51:22 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_635df48a4ab989c9.manifest
[2014.07.08 23:51:34 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_34bb1287faf15be8.manifest
[2014.07.08 23:51:42 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_33660b15fbccce78.manifest
[2014.07.08 23:51:10 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_38b74fddf8623858.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_9f5264e54ecc21f2.manifest
[2014.07.08 23:51:14 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_da-dk_3c8c450c45121df1.manifest
[2014.07.08 23:51:52 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_de-de_39b7da4846e8728b.manifest
[2014.07.08 23:52:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_el-gr_e24e07db35fddb19.manifest
[2014.07.08 23:51:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_e2a8b04135c67e50.manifest
[2014.07.08 23:51:24 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_es-es_e2740d2535ed6ff5.manifest
[2014.07.08 23:51:45 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fi-fi_818f11d22b07621f.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_fr-fr_852b832428bf8657.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_hu-hu_cc9c036c0d1f5573.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_it-it_6f53796afff16bd5.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ja-jp_1178f877f30c7db0.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ko-kr_b4e2d52ce57d44c6.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nb-no_9d755661bda27082.manifest
[2014.07.08 23:52:02 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_nl-nl_9bb4a19fbece7a57.manifest
[2014.07.08 23:51:42 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pl-pl_e1f0fc21a3f0e80b.manifest
[2014.07.08 23:51:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-br_e444e6c5a27a7bef.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_pt-pt_e526b631a1e9ebcb.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_ru-ru_2bc9c7f586cb79f7.manifest
[2014.07.08 23:51:34 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_sv-se_c7c4b26a7df48452.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_tr-tr_70d1fcb16cb08643.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-cn_422f1aaf1ce85862.manifest
[2014.07.08 23:52:03 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-hk_40da133d1dc3caf2.manifest
[2014.07.08 23:51:19 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_zh-tw_462b58051a5934d2.manifest
[2014.07.08 23:51:06 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_9fd133aa67f1dad4.manifest
[2014.07.08 23:51:38 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_da-dk_3d0b13d15e37d6d3.manifest
[2014.07.08 23:51:07 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_de-de_3a36a90d600e2b6d.manifest
[2014.07.08 23:51:50 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_el-gr_e2ccd6a04f2393fb.manifest
[2014.07.08 23:51:25 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_e3277f064eec3732.manifest
[2014.07.08 23:51:49 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_es-es_e2f2dbea4f1328d7.manifest
[2014.07.08 23:51:40 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fi-fi_820de097442d1b01.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_fr-fr_85aa51e941e53f39.manifest
[2014.07.08 23:51:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_hu-hu_cd1ad23126450e55.manifest
[2014.07.08 23:51:56 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_it-it_6fd24830191724b7.manifest
[2014.07.08 23:51:55 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ja-jp_11f7c73d0c323692.manifest
[2014.07.08 23:51:28 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ko-kr_b561a3f1fea2fda8.manifest
[2014.07.08 23:51:47 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nb-no_9df42526d6c82964.manifest
[2014.07.08 23:51:12 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_nl-nl_9c337064d7f43339.manifest
[2014.07.08 23:52:04 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pl-pl_e26fcae6bd16a0ed.manifest
[2014.07.08 23:51:54 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-br_e4c3b58abba034d1.manifest
[2014.07.08 23:51:13 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_pt-pt_e5a584f6bb0fa4ad.manifest
[2014.07.08 23:51:29 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_ru-ru_2c4896ba9ff132d9.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_sv-se_c843812f971a3d34.manifest
[2014.07.08 23:51:35 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_tr-tr_7150cb7685d63f25.manifest
[2014.07.08 23:51:11 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-cn_42ade974360e1144.manifest
[2014.07.08 23:51:20 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-hk_4158e20236e983d4.manifest
[2014.07.08 23:51:32 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_zh-tw_46aa26ca337eedb4.manifest
[2014.08.19 05:35:52 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_9dd39e01816788fc.manifest
[2014.08.19 05:26:54 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a1393e567d30fe7c8759065d8382098\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_9e4e6b9e9a90dc82.manifest
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.15 22:36:29 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.10.15 22:36:30 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.efi.mui_35ee487d
[2014.10.15 22:36:30 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winload.exe.mui_3bc5b827
[2014.10.15 22:36:30 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.efi.mui_f412814e
[2014.10.15 22:36:30 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96_winresume.exe.mui_ff8b5358
[2014.10.15 22:36:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2014.10.15 22:36:30 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.efi_75834aa0
[2014.10.15 22:36:30 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winload.exe_75835076
[2014.10.15 22:36:30 | 000,616,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.efi_85cd069f
[2014.10.15 22:36:30 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2014.07.08 23:51:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_cs-cz_915f8df913af6c96.manifest
[2014.07.08 23:52:03 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_cs-cz_91de5cbe2cd52578.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.08.19 05:35:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_b90bc95183772bd0.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.08.19 05:26:49 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_b98696ee9ca07f56.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:39:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 13:40:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879
< End of report >
Re: Prosim o kontrolu, pc si dela co chce
OTL Extras logfile created on: 23.10.2014 18:54:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eamon\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 70,44% Memory free
15,93 Gb Paging File | 13,31 Gb Available in Paging File | 83,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,36 Gb Total Space | 26,34 Gb Free Space | 9,43% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 185,85 Gb Free Space | 79,81% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 228,21 Gb Free Space | 76,56% Space Free | Partition Type: NTFS
Drive G: | 25,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: EAMON-PC | User Name: Eamon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040C8881-C98E-486A-B11B-B99EE691AC69}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{0686740A-A5BC-489F-A757-3E58D0922D19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B607810-569A-4B46-B799-36FA3846E433}" = lport=445 | protocol=6 | dir=in | app=system |
"{1766FF10-6FE0-45E1-9213-ECED2A723A5F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B806B94-BEA7-49E6-8A69-5B624A0749B2}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{243613CB-0C22-4BC6-A667-3454AD25C5F0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{249E6A9A-2EB3-4FAC-8DA9-BFAC485A0CDF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{24A10B27-2495-4CFC-9513-3D5D76825567}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{25516EBF-D99A-4279-B64A-2875B1B33F34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B6B45BC-FEA4-4C62-87B9-91BFBEF21C1D}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{2BBA5933-FA44-486B-855C-B8340CE69FAA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{312440DC-DF85-470A-A23C-C3411445B01A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{312E19C7-E4C3-44E6-8DC9-369AF993AA2F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3255A12A-84CE-4A38-B7DE-7640DC84840C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{330EE4B0-1160-46FE-9C21-8DB8F26F3EEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{381C8F02-0C29-430B-9C9A-CE1BC38BE0A3}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{4480AA4F-2E71-4BF5-979F-6E98A07B9C46}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{483E3805-0C38-48C4-9DA4-45C0E911BDA6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A6A7F24-F159-4CBE-ABCE-02F5AF657ECA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5255C5C6-1437-4BEC-879A-3B984D852A51}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5A049356-003F-4E22-9A86-90B71666FEB6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5F03904D-CA7D-4C08-AFC0-0DDABD90BED7}" = lport=138 | protocol=17 | dir=in | app=system |
"{6E2C00ED-32D1-49EF-91B8-1F25A0BBA598}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6EB5C46D-4F1D-4941-B141-603513E920F0}" = rport=138 | protocol=17 | dir=out | app=system |
"{7E2B2079-CED6-49CC-8473-8968CB4CCC1D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8E059272-1D72-436D-B8A9-1C5BD1E32947}" = lport=137 | protocol=17 | dir=in | app=system |
"{8FB0B2E1-1356-4079-8D6D-E21704342E70}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9134FE3D-FC62-48A7-84AF-F2E43430A105}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{91B3E0DA-707D-4ACE-BFF6-EB4EE46364B7}" = rport=139 | protocol=6 | dir=out | app=system |
"{92BE04CD-DC05-42A6-AA0B-C8E91EB02593}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{98F7831D-BDB1-4AAF-8F3B-2CBFF65DA8DD}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{99119154-7880-4277-A245-2917982FBDCB}" = rport=445 | protocol=6 | dir=out | app=system |
"{99DEB2AD-DF78-4A91-88C7-E2053ED1F77C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9C15B399-DD9B-4FE1-900C-C4A4732A2A87}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A9F94287-4FB2-47EE-92D6-A7AD3389E498}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCB6B129-24DB-4DD8-B0FB-4C31E47CF627}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{BD907923-F12E-4B97-A6A9-74A87318BEFF}" = rport=137 | protocol=17 | dir=out | app=system |
"{D954D90E-45A4-4F56-94DA-BF3E6DD33BD8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DF3946D3-DCA5-48B7-833D-8A099D7F0AF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E1AF53B8-4C23-4823-914A-FA6C828B34B3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EBB0BA33-69F9-445A-92A8-7D46496CF9CD}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{ECC6A100-A9A2-4718-B0DC-CF44A9A37C33}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F6F34DF7-EE49-4680-BA0B-B95C43089168}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046828F3-5617-4A12-A7DB-C46648E81B82}" = protocol=6 | dir=out | app=system |
"{08AD5BF5-E54B-4208-9AE9-05904DD10B3D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0E6DA2F7-B6BB-4E57-ACDE-C61F20133C81}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{163395ED-470B-4396-8CB6-5FADBD5DE2E9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{18206669-C965-41B2-BBA3-57E8434A8B6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A87DAA5-5430-42A7-BA20-E8E60DA56169}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{1AAF2287-8859-441A-AF99-353FD44233A8}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{23F87F0E-CE98-4D9A-928C-6262472C6DD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26CFB4BB-D933-40AC-ABF7-E121761D9C2B}" = protocol=6 | dir=in | app=c:\users\eamon\appdata\roaming\utorrent\utorrent.exe |
"{2AE5115D-7920-44B2-AB46-ED1BB13B993E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{40A981A0-0E60-4668-9AB4-4E6ECC71F024}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{569AD547-BFFA-481D-A71A-D9D2120C3914}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5A156722-C0C0-4E8B-8C4B-273D669B8AC5}" = protocol=17 | dir=in | app=c:\users\eamon\appdata\roaming\dropbox\bin\dropbox.exe |
"{600E0F1A-1419-4A19-9284-90A689C3190A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{71788F52-FD83-4C7E-80C7-F7DD7E2CA744}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{75777B48-02C8-4674-8541-2D9A3F280FAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77D331E7-5D9B-4A9F-83BC-B31C04D2839F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{87941A1D-7BE2-4CFB-BB5B-4409CD55D452}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8F40AB93-DE6E-4BEE-BD04-06BE22EEF022}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F99D5B5-DAA4-4343-BC7D-A86C713EBF97}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{9329A1FC-FD98-4E49-AF7B-C19CCB29C11E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9408B0BB-4DEF-4129-B6E3-EC0CE6E5AAF6}" = protocol=17 | dir=in | app=c:\users\eamon\appdata\roaming\utorrent\utorrent.exe |
"{9477098A-FEFE-45BD-9147-812224F08DB4}" = protocol=17 | dir=in | app=c:\users\eamon\downloads\utorrent.exe |
"{95C9FC39-3EA7-4892-8356-E963C12F3089}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A74F0614-EA3F-49C5-8953-4F97577947E9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{AC914DD8-4AE6-4672-B417-BCC5564A9A54}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B915F1C6-240E-4A3B-9226-1EE42D51064F}" = protocol=6 | dir=in | app=c:\users\eamon\appdata\roaming\dropbox\bin\dropbox.exe |
"{BACDEF6A-19F2-4611-AD60-B52418368A5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C211C681-17B7-4CB7-9FE0-DDE206E52475}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{C3AB982B-581B-4E2C-9757-17C45DA3BBCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C794125F-6DCD-4E65-A6C3-BE05032D4119}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC2D768D-1157-4DE9-86C9-20657628D046}" = protocol=6 | dir=in | app=c:\users\eamon\downloads\utorrent.exe |
"{CC41CCC1-8EBB-4DCC-95C6-68B3546C4228}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{D1B70027-8A54-49E9-9597-BD4A7732DFFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DA5E31A2-F403-42FC-8B92-B672F8585AA8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DD80FE51-BB63-4620-BF4E-07DCC35F2EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E20F7C3C-72DD-4299-B71A-1F67DFCB341F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E2CE1BF8-08F2-4F68-877E-4F7F8CE5EB4A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{E6220C3A-7807-42AC-8205-38654E1AEE8D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EA79A59B-9A7A-41D5-8AB5-A83C88F00B4C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA9208B8-0F72-4221-9465-432B7EBFB683}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FEE411CE-A702-4E7B-AA51-21251712814A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{6954883C-03AC-4D71-B2B8-080B78111F64}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{758BF38D-AB99-450E-8A30-11481CA2490E}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{EAA45135-4B16-4D0D-8F1E-978EBFA8D438}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"UDP Query User{2B3C830D-B690-4707-AC87-C0BB985FD882}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{7DA06B1C-AB89-46C4-A15D-F07DA98CAE83}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{F624F11A-E4B7-4313-9255-0EA6E8CC67C2}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{2BFD590F-1D73-3533-E734-FDDAC3746E4A}" = AMD Catalyst Install Manager
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.32.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.25
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}" = Overwolf.Setup.VC100CRTx64.Dist
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{631141AD-79AA-447F-B403-21C704D39B8C}" = UPC Fiber Power Optimizer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Czech
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E1AA8B0F-1176-36F1-8A91-AA19CF39C2F6}" = Google Chrome
"{E4E3E62E-16D7-425E-009C-DCB5E64F5955}" = FIFA 2005
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Coiffeur" = Kadeřník
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"FormatFactory" = FormatFactory 3.3.4.0
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Polda V_is1" = Polda V
"RegAuditor_is1" = RegAuditor 2.4.6
"Ryse Son of Rome_is1" = Ryse Son of Rome
"Uplay" = Uplay
"VLC media player" = VLC media player 2.1.1
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 5.00 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SeznamInstall" = Seznam Software
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.10.2014 13:42:04 | Computer Name = Eamon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddWin32ServiceFiles: Unable to back up image of service IePlugin
Services since QueryServiceConfig API failed System Error: Systém nemůže nalézt uvedený
soubor. .
Error - 18.10.2014 4:11:32 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.10.2014 12:43:04 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.10.2014 4:40:16 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.10.2014 14:21:02 | Computer Name = Eamon-PC | Source = Windows Backup | ID = 4104
Description =
Error - 20.10.2014 5:53:43 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.10.2014 7:44:10 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.10.2014 7:48:39 | Computer Name = Eamon-PC | Source = MsiInstaller | ID = 11309
Description =
Error - 21.10.2014 8:58:37 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.10.2014 7:21:11 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2014 4:44:46 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2014 9:14:56 | Computer Name = Eamon-PC | Source = Application Hang | ID = 1002
Description = Program setup.exe verze 2.1002.162.1274 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
f60 Čas spuštění: 01cfeec16487e225 Čas ukončení: 5 Cesta k aplikaci: C:\Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\setup.exe
ID
hlášení: 8a3719cb-5ab6-11e4-aac8-94de802fa095
[ Media Center Events ]
Error - 1.7.2013 12:14:17 | Computer Name = Eamon-PC | Source = MCUpdate | ID = 0
Description = 18:14:16 - Chyba při připojování k Internetu 18:14:17 - Nelze kontaktovat
server..
[ System Events ]
Error - 16.10.2014 11:26:45 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7031
Description = Služba Update PodoWeb byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error - 16.10.2014 11:26:50 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7000
Description = Služba Update PodoWeb neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 16.10.2014 11:35:42 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7000
Description = Služba Update Cantataweb neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 16.10.2014 11:35:42 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7000
Description = Služba Update PodoWeb neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 16.10.2014 13:19:39 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.
Error - 16.10.2014 13:19:39 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 17.10.2014 7:37:54 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7034
Description = Služba IePlugin Services byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 19.10.2014 4:44:21 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Schedule bylo dosaženo časového
limitu (30000 ms).
Error - 19.10.2014 16:03:52 | Computer Name = Eamon-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 20.10.2014 5:52:57 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eamon\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 70,44% Memory free
15,93 Gb Paging File | 13,31 Gb Available in Paging File | 83,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,36 Gb Total Space | 26,34 Gb Free Space | 9,43% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 185,85 Gb Free Space | 79,81% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 228,21 Gb Free Space | 76,56% Space Free | Partition Type: NTFS
Drive G: | 25,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: EAMON-PC | User Name: Eamon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040C8881-C98E-486A-B11B-B99EE691AC69}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{0686740A-A5BC-489F-A757-3E58D0922D19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B607810-569A-4B46-B799-36FA3846E433}" = lport=445 | protocol=6 | dir=in | app=system |
"{1766FF10-6FE0-45E1-9213-ECED2A723A5F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B806B94-BEA7-49E6-8A69-5B624A0749B2}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{243613CB-0C22-4BC6-A667-3454AD25C5F0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{249E6A9A-2EB3-4FAC-8DA9-BFAC485A0CDF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{24A10B27-2495-4CFC-9513-3D5D76825567}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{25516EBF-D99A-4279-B64A-2875B1B33F34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B6B45BC-FEA4-4C62-87B9-91BFBEF21C1D}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{2BBA5933-FA44-486B-855C-B8340CE69FAA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{312440DC-DF85-470A-A23C-C3411445B01A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{312E19C7-E4C3-44E6-8DC9-369AF993AA2F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3255A12A-84CE-4A38-B7DE-7640DC84840C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{330EE4B0-1160-46FE-9C21-8DB8F26F3EEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{381C8F02-0C29-430B-9C9A-CE1BC38BE0A3}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{4480AA4F-2E71-4BF5-979F-6E98A07B9C46}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{483E3805-0C38-48C4-9DA4-45C0E911BDA6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A6A7F24-F159-4CBE-ABCE-02F5AF657ECA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5255C5C6-1437-4BEC-879A-3B984D852A51}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5A049356-003F-4E22-9A86-90B71666FEB6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5F03904D-CA7D-4C08-AFC0-0DDABD90BED7}" = lport=138 | protocol=17 | dir=in | app=system |
"{6E2C00ED-32D1-49EF-91B8-1F25A0BBA598}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6EB5C46D-4F1D-4941-B141-603513E920F0}" = rport=138 | protocol=17 | dir=out | app=system |
"{7E2B2079-CED6-49CC-8473-8968CB4CCC1D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8E059272-1D72-436D-B8A9-1C5BD1E32947}" = lport=137 | protocol=17 | dir=in | app=system |
"{8FB0B2E1-1356-4079-8D6D-E21704342E70}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9134FE3D-FC62-48A7-84AF-F2E43430A105}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{91B3E0DA-707D-4ACE-BFF6-EB4EE46364B7}" = rport=139 | protocol=6 | dir=out | app=system |
"{92BE04CD-DC05-42A6-AA0B-C8E91EB02593}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{98F7831D-BDB1-4AAF-8F3B-2CBFF65DA8DD}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{99119154-7880-4277-A245-2917982FBDCB}" = rport=445 | protocol=6 | dir=out | app=system |
"{99DEB2AD-DF78-4A91-88C7-E2053ED1F77C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9C15B399-DD9B-4FE1-900C-C4A4732A2A87}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A9F94287-4FB2-47EE-92D6-A7AD3389E498}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCB6B129-24DB-4DD8-B0FB-4C31E47CF627}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{BD907923-F12E-4B97-A6A9-74A87318BEFF}" = rport=137 | protocol=17 | dir=out | app=system |
"{D954D90E-45A4-4F56-94DA-BF3E6DD33BD8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DF3946D3-DCA5-48B7-833D-8A099D7F0AF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E1AF53B8-4C23-4823-914A-FA6C828B34B3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EBB0BA33-69F9-445A-92A8-7D46496CF9CD}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{ECC6A100-A9A2-4718-B0DC-CF44A9A37C33}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F6F34DF7-EE49-4680-BA0B-B95C43089168}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046828F3-5617-4A12-A7DB-C46648E81B82}" = protocol=6 | dir=out | app=system |
"{08AD5BF5-E54B-4208-9AE9-05904DD10B3D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0E6DA2F7-B6BB-4E57-ACDE-C61F20133C81}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{163395ED-470B-4396-8CB6-5FADBD5DE2E9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{18206669-C965-41B2-BBA3-57E8434A8B6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A87DAA5-5430-42A7-BA20-E8E60DA56169}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{1AAF2287-8859-441A-AF99-353FD44233A8}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{23F87F0E-CE98-4D9A-928C-6262472C6DD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26CFB4BB-D933-40AC-ABF7-E121761D9C2B}" = protocol=6 | dir=in | app=c:\users\eamon\appdata\roaming\utorrent\utorrent.exe |
"{2AE5115D-7920-44B2-AB46-ED1BB13B993E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{40A981A0-0E60-4668-9AB4-4E6ECC71F024}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{569AD547-BFFA-481D-A71A-D9D2120C3914}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5A156722-C0C0-4E8B-8C4B-273D669B8AC5}" = protocol=17 | dir=in | app=c:\users\eamon\appdata\roaming\dropbox\bin\dropbox.exe |
"{600E0F1A-1419-4A19-9284-90A689C3190A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{71788F52-FD83-4C7E-80C7-F7DD7E2CA744}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{75777B48-02C8-4674-8541-2D9A3F280FAB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77D331E7-5D9B-4A9F-83BC-B31C04D2839F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{87941A1D-7BE2-4CFB-BB5B-4409CD55D452}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8F40AB93-DE6E-4BEE-BD04-06BE22EEF022}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F99D5B5-DAA4-4343-BC7D-A86C713EBF97}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{9329A1FC-FD98-4E49-AF7B-C19CCB29C11E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9408B0BB-4DEF-4129-B6E3-EC0CE6E5AAF6}" = protocol=17 | dir=in | app=c:\users\eamon\appdata\roaming\utorrent\utorrent.exe |
"{9477098A-FEFE-45BD-9147-812224F08DB4}" = protocol=17 | dir=in | app=c:\users\eamon\downloads\utorrent.exe |
"{95C9FC39-3EA7-4892-8356-E963C12F3089}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A74F0614-EA3F-49C5-8953-4F97577947E9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{AC914DD8-4AE6-4672-B417-BCC5564A9A54}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B915F1C6-240E-4A3B-9226-1EE42D51064F}" = protocol=6 | dir=in | app=c:\users\eamon\appdata\roaming\dropbox\bin\dropbox.exe |
"{BACDEF6A-19F2-4611-AD60-B52418368A5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C211C681-17B7-4CB7-9FE0-DDE206E52475}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{C3AB982B-581B-4E2C-9757-17C45DA3BBCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C794125F-6DCD-4E65-A6C3-BE05032D4119}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC2D768D-1157-4DE9-86C9-20657628D046}" = protocol=6 | dir=in | app=c:\users\eamon\downloads\utorrent.exe |
"{CC41CCC1-8EBB-4DCC-95C6-68B3546C4228}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{D1B70027-8A54-49E9-9597-BD4A7732DFFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DA5E31A2-F403-42FC-8B92-B672F8585AA8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DD80FE51-BB63-4620-BF4E-07DCC35F2EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E20F7C3C-72DD-4299-B71A-1F67DFCB341F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E2CE1BF8-08F2-4F68-877E-4F7F8CE5EB4A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{E6220C3A-7807-42AC-8205-38654E1AEE8D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EA79A59B-9A7A-41D5-8AB5-A83C88F00B4C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA9208B8-0F72-4221-9465-432B7EBFB683}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FEE411CE-A702-4E7B-AA51-21251712814A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{6954883C-03AC-4D71-B2B8-080B78111F64}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{758BF38D-AB99-450E-8A30-11481CA2490E}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{EAA45135-4B16-4D0D-8F1E-978EBFA8D438}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"UDP Query User{2B3C830D-B690-4707-AC87-C0BB985FD882}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{7DA06B1C-AB89-46C4-A15D-F07DA98CAE83}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{F624F11A-E4B7-4313-9255-0EA6E8CC67C2}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{2BFD590F-1D73-3533-E734-FDDAC3746E4A}" = AMD Catalyst Install Manager
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.32.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.25
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}" = Overwolf.Setup.VC100CRTx64.Dist
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{631141AD-79AA-447F-B403-21C704D39B8C}" = UPC Fiber Power Optimizer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Czech
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E1AA8B0F-1176-36F1-8A91-AA19CF39C2F6}" = Google Chrome
"{E4E3E62E-16D7-425E-009C-DCB5E64F5955}" = FIFA 2005
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"Coiffeur" = Kadeřník
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"FormatFactory" = FormatFactory 3.3.4.0
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Polda V_is1" = Polda V
"RegAuditor_is1" = RegAuditor 2.4.6
"Ryse Son of Rome_is1" = Ryse Son of Rome
"Uplay" = Uplay
"VLC media player" = VLC media player 2.1.1
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 5.00 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-365329572-2436669202-1961577668-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SeznamInstall" = Seznam Software
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.10.2014 13:42:04 | Computer Name = Eamon-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddWin32ServiceFiles: Unable to back up image of service IePlugin
Services since QueryServiceConfig API failed System Error: Systém nemůže nalézt uvedený
soubor. .
Error - 18.10.2014 4:11:32 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.10.2014 12:43:04 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.10.2014 4:40:16 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.10.2014 14:21:02 | Computer Name = Eamon-PC | Source = Windows Backup | ID = 4104
Description =
Error - 20.10.2014 5:53:43 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.10.2014 7:44:10 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.10.2014 7:48:39 | Computer Name = Eamon-PC | Source = MsiInstaller | ID = 11309
Description =
Error - 21.10.2014 8:58:37 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.10.2014 7:21:11 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2014 4:44:46 | Computer Name = Eamon-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2014 9:14:56 | Computer Name = Eamon-PC | Source = Application Hang | ID = 1002
Description = Program setup.exe verze 2.1002.162.1274 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
f60 Čas spuštění: 01cfeec16487e225 Čas ukončení: 5 Cesta k aplikaci: C:\Users\Eamon\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\16.13.56.0\setup.exe
ID
hlášení: 8a3719cb-5ab6-11e4-aac8-94de802fa095
[ Media Center Events ]
Error - 1.7.2013 12:14:17 | Computer Name = Eamon-PC | Source = MCUpdate | ID = 0
Description = 18:14:16 - Chyba při připojování k Internetu 18:14:17 - Nelze kontaktovat
server..
[ System Events ]
Error - 16.10.2014 11:26:45 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7031
Description = Služba Update PodoWeb byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error - 16.10.2014 11:26:50 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7000
Description = Služba Update PodoWeb neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 16.10.2014 11:35:42 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7000
Description = Služba Update Cantataweb neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 16.10.2014 11:35:42 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7000
Description = Služba Update PodoWeb neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 16.10.2014 13:19:39 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.
Error - 16.10.2014 13:19:39 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 17.10.2014 7:37:54 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7034
Description = Služba IePlugin Services byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 19.10.2014 4:44:21 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Schedule bylo dosaženo časového
limitu (30000 ms).
Error - 19.10.2014 16:03:52 | Computer Name = Eamon-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 20.10.2014 5:52:57 | Computer Name = Eamon-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).
< End of report >
Re: Prosim o kontrolu, pc si dela co chce
Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu, pc si dela co chce
Ano pouzivam original, souhlasim ze to neni bezne ale kdyz ho dostanete jako darek proc ne.
Re: Prosim o kontrolu, pc si dela co chce
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu, pc si dela co chce
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Ultimate x64
Ran by Eamon on p 24.10.2014 at 14:07:06,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update surftastic
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611191115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622192215}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611191115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622192215}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D455EE11-1273-4605-840A-504957543C4D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\ProgramData\iepluginservices"
Successfully deleted: [Folder] "C:\Users\Eamon\appdata\local\globalupdate"
~~~ FireFox
Successfully deleted: [File] C:\Users\Eamon\AppData\Roaming\mozilla\firefox\profiles\ci3hmcx9.default\user.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\faststartff@gmail.com
Successfully deleted the following from C:\Users\Eamon\AppData\Roaming\mozilla\firefox\profiles\ci3hmcx9.default\prefs.js
user_pref("browser.search.defaultenginename", "mystartsearch");
user_pref("extensions.crossrider.bic", "14919ecf2c3af8dacd509d5c6ea98bd4");
Emptied folder: C:\Users\Eamon\AppData\Roaming\mozilla\firefox\profiles\ci3hmcx9.default\minidumps [21 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 24.10.2014 at 14:11:00,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Ultimate x64
Ran by Eamon on p 24.10.2014 at 14:07:06,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update surftastic
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110611191115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622192215}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611191115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622192215}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655195515}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666196615}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644194415}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D455EE11-1273-4605-840A-504957543C4D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\ProgramData\iepluginservices"
Successfully deleted: [Folder] "C:\Users\Eamon\appdata\local\globalupdate"
~~~ FireFox
Successfully deleted: [File] C:\Users\Eamon\AppData\Roaming\mozilla\firefox\profiles\ci3hmcx9.default\user.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\faststartff@gmail.com
Successfully deleted the following from C:\Users\Eamon\AppData\Roaming\mozilla\firefox\profiles\ci3hmcx9.default\prefs.js
user_pref("browser.search.defaultenginename", "mystartsearch");
user_pref("extensions.crossrider.bic", "14919ecf2c3af8dacd509d5c6ea98bd4");
Emptied folder: C:\Users\Eamon\AppData\Roaming\mozilla\firefox\profiles\ci3hmcx9.default\minidumps [21 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 24.10.2014 at 14:11:00,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosim o kontrolu, pc si dela co chce
# AdwCleaner v4.001 - Report created 24/10/2014 at 14:14:08
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Eamon - EAMON-PC
# Running from : C:\Users\Eamon\Downloads\adwcleaner_4.001.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\Eamon\AppData\Local\CrashRpt
Folder Deleted : C:\Program Files (x86)\Senses
Folder Deleted : C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default\Extensions\warnerroberts@hotmail.com
File Deleted : C:\Users\Eamon\daemonprocess.txt
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-1
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-11
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-3
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-4
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-5
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-5_user
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-6
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-7
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Senses
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Senses-nv
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\Senses
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v31.0 (x86 cs)
-\\ Google Chrome v38.0.2125.104
*************************
AdwCleaner[R2].txt - [6533 octets] - [24/10/2014 14:12:32]
AdwCleaner[S2].txt - [6379 octets] - [24/10/2014 14:14:08]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [6439 octets] ##########
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Eamon - EAMON-PC
# Running from : C:\Users\Eamon\Downloads\adwcleaner_4.001.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\Eamon\AppData\Local\CrashRpt
Folder Deleted : C:\Program Files (x86)\Senses
Folder Deleted : C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default\Extensions\warnerroberts@hotmail.com
File Deleted : C:\Users\Eamon\daemonprocess.txt
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-1
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-11
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-3
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-4
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-5
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-5_user
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-6
Task Deleted : 1b58c730-65b5-4e0d-a515-021b356a0503-7
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Senses
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Senses-nv
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\Senses
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v31.0 (x86 cs)
-\\ Google Chrome v38.0.2125.104
*************************
AdwCleaner[R2].txt - [6533 octets] - [24/10/2014 14:12:32]
AdwCleaner[S2].txt - [6379 octets] - [24/10/2014 14:14:08]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [6439 octets] ##########
Re: Prosim o kontrolu, pc si dela co chce
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu, pc si dela co chce
Pc se nerestartovalo a vice toho program neudelal.
Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by Eamon on p 24.10.2014 at 19:57:34,95.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eamon\Downloads\zoek\zoek.scr [Scan all users] [Script inserted]
===== Runcheck 19:59:01,13 =====
--- Create Environment Variables 19:59:03,66
--- Create System Restore Point 19:59:16,15
--- Checking Input 19:59:51,24
--- Reset Hosts File 20:00:10,35
--- AU AppData Check 20:00:12,64
--- Remove From Windows Installer 20:00:19,13
--- IE Startpage Check 20:02:16,08
--- Program Files DB Check 20:04:15,51
--- C:\Users\Default\AppData\Roaming DB Check 20:05:30,53
--- C:\Users\Default User\AppData\Roaming DB Check 20:05:30,53
--- C:\Users\Eamon\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 20:05:30,53
--- C:\Users\Eamon DB Check 20:08:58,36
--- C:\PROGRA~3 DB Check 20:09:26,93
--- C:\Users\Default\AppData\Local DB Check 20:09:30,16
--- C:\Users\Default User\AppData\Local DB Check 20:09:30,16
--- C:\Users\Eamon\AppData\Local DB Check 20:09:30,16
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 20:09:30,16
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 20:09:30,16
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 20:09:30,16
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 20:09:30,16
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 20:11:53,10
--- C:\Users\Eamon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 20:12:08,04
--- Tasks DB Check 20:12:17,20
--- Downloads DB Check 20:12:23,24
--- C:\Users\Eamon\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 20:12:30,70
--- Tasks2 DB Check 20:14:02,61
--- Documents DB Check 20:14:45,63
--- C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default DB Check 20:14:54,37
--- C:\Users\Public\Desktop DB Check 20:14:58,61
--- C:\Users\Eamon\Desktop DB Check 20:15:04,27
--- Services DB Check 20:15:18,70
--- FF prefs.js DB Check 20:15:50,49
--- Emptyclsid 20:17:08,23
--- Del by CLSID 20:17:15,45
--- Delete Services 20:18:06,69
--- Firefox Fix 20:18:11,42
--- Delete files\folders 20:18:15,33
--- Create Backups 20:18:15,68
Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by Eamon on p 24.10.2014 at 19:57:34,95.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eamon\Downloads\zoek\zoek.scr [Scan all users] [Script inserted]
===== Runcheck 19:59:01,13 =====
--- Create Environment Variables 19:59:03,66
--- Create System Restore Point 19:59:16,15
--- Checking Input 19:59:51,24
--- Reset Hosts File 20:00:10,35
--- AU AppData Check 20:00:12,64
--- Remove From Windows Installer 20:00:19,13
--- IE Startpage Check 20:02:16,08
--- Program Files DB Check 20:04:15,51
--- C:\Users\Default\AppData\Roaming DB Check 20:05:30,53
--- C:\Users\Default User\AppData\Roaming DB Check 20:05:30,53
--- C:\Users\Eamon\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 20:05:30,53
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 20:05:30,53
--- C:\Users\Eamon DB Check 20:08:58,36
--- C:\PROGRA~3 DB Check 20:09:26,93
--- C:\Users\Default\AppData\Local DB Check 20:09:30,16
--- C:\Users\Default User\AppData\Local DB Check 20:09:30,16
--- C:\Users\Eamon\AppData\Local DB Check 20:09:30,16
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 20:09:30,16
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 20:09:30,16
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 20:09:30,16
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 20:09:30,16
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 20:11:53,10
--- C:\Users\Eamon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 20:12:08,04
--- Tasks DB Check 20:12:17,20
--- Downloads DB Check 20:12:23,24
--- C:\Users\Eamon\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 20:12:30,70
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 20:12:30,70
--- Tasks2 DB Check 20:14:02,61
--- Documents DB Check 20:14:45,63
--- C:\Users\Eamon\AppData\Roaming\Mozilla\Firefox\Profiles\ci3hmcx9.default DB Check 20:14:54,37
--- C:\Users\Public\Desktop DB Check 20:14:58,61
--- C:\Users\Eamon\Desktop DB Check 20:15:04,27
--- Services DB Check 20:15:18,70
--- FF prefs.js DB Check 20:15:50,49
--- Emptyclsid 20:17:08,23
--- Del by CLSID 20:17:15,45
--- Delete Services 20:18:06,69
--- Firefox Fix 20:18:11,42
--- Delete files\folders 20:18:15,33
--- Create Backups 20:18:15,68
Re: Prosim o kontrolu, pc si dela co chce
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu, pc si dela co chce
FRSTLauncher jsem spustil jako spravce ovsem program pise pristup byl odepren co stim??
Re: Prosim o kontrolu, pc si dela co chce
pise neni platna aplikace typu win 32
Přispějete na provoz fóra?
