Pomalý PC

[Idea]

Servus,

Mám pomalý noťas..
Všetko mu trvá nedajbože si zapnúť hru..
Poprosím o pomoc poprípade radu ako to dať dokopy..
Ďakujem.

*****************************************************************************************

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kic at 2015-06-12 14:46:07
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 218 GB (72%) free of 305 GB
Total RAM: 3949 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:46:13, on 12. 6. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
C:\Users\Kic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kic.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={A4AFCB01 ... 2014-12-16 09:30:17&v=4.1.0.411&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kic\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.4.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 8639 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-7e6d-ad2493eb2c7b /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-1764063954-1904693872143655688-310272268755102408-9979981101490255727696159814
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Windows\system32\GWX\GWX.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ctfmon.exe
"C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --uncaught-exception-stack-size=1024 --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3000.1.1452868894\354437646" /prefetch:673131151
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Kic\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Kic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3172.0.961237119\287239460" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.1100 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Kic\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_57/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3172 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3172.4.502823093\1225284113" /prefetch:673131151
"C:\Users\Kic\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2222809053-3503638496-147696768-1001Core.job - C:\Users\Kic\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2222809053-3503638496-147696768-1001UA.job - C:\Users\Kic\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Open Chrome.job - C:\Users\Kic\AppData\Local\Google\Chrome\Application\chrome.exe --new-window toolbar.avg.com/ch-uninstall?cid={A4AFCB01-F207-4021-8DAF-A9CA80870BFD}&mid=c7c718d8099e47d288fdd16c9556f39b-62015d3c16f9799a4650104acf32fd27896e47c6&lang=sk&ds=AVG&coid=avgtbavg&cmpid=1214av&pr=fr&d=&v=4.0.5.7&pid=wtu&sg=

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-07-30 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll [2015-03-04 2424856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-07-30 41760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"Google Update"=C:\Users\Kic\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-30 116648]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI]
C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-05-18 3745744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Kic\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-30 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31282304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ALFA plus - rýchle spustenie.lnk]
C:\PROGRA~2\KROS\ALFAPL~1\!System\ALFAplus.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2015-03-04 3033112]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-05-18 3745744]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-12 14:46:07 ----D---- C:\rsit
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 16:29:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 16:29:29 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 16:29:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 16:29:29 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 16:29:29 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 16:29:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 16:29:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 16:29:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 16:29:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 16:29:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 16:29:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 16:29:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 16:29:27 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 16:29:27 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 16:29:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 16:29:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 16:29:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 16:29:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 16:29:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 16:29:26 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 16:29:26 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 16:29:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 16:29:26 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 16:29:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 16:29:26 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 16:29:25 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 16:29:25 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 16:29:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 16:29:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 16:29:24 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 16:29:24 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 16:29:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 16:29:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 16:29:23 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 16:29:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 16:29:22 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 16:29:22 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 16:29:22 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 16:29:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 16:29:21 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 16:29:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 16:29:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 16:29:21 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 16:29:21 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 16:29:20 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 16:29:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 16:29:19 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 16:28:22 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 16:28:21 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 16:28:21 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 16:28:21 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 16:28:21 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 16:28:21 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 16:28:20 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 16:28:20 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 16:28:15 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 16:28:15 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 16:28:15 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 16:28:15 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 16:28:15 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 16:28:15 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 16:28:15 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 16:28:15 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 16:28:02 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 16:28:02 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 16:28:02 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 16:28:02 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 16:28:01 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 16:28:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 16:28:00 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 16:28:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 16:28:00 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 16:28:00 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 16:27:59 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 16:27:59 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 16:27:59 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 16:27:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 16:27:59 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 16:27:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 16:27:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 16:27:58 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 16:27:58 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 16:27:58 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 16:27:58 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 16:27:58 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 16:27:58 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 16:27:58 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 16:27:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 16:27:57 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 16:27:57 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 16:27:57 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 16:27:57 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 16:27:57 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 16:27:57 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 16:27:57 ----A---- C:\Windows\system32\logman.exe
2015-06-10 16:27:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 16:27:56 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 16:27:56 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 16:27:56 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 16:27:56 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 16:27:56 ----A---- C:\Windows\system32\smss.exe
2015-06-10 16:27:56 ----A---- C:\Windows\system32\relog.exe
2015-06-10 16:27:56 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 16:27:56 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 16:27:55 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 16:27:55 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 16:27:55 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 16:27:55 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 16:27:55 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 16:27:55 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 16:27:55 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 16:27:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 16:27:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 16:27:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 16:27:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 16:27:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 16:27:54 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 16:27:54 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 16:27:54 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 16:27:54 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 16:27:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 16:27:53 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 16:27:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:27:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:27:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:27:51 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:27:51 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:27:51 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 16:27:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 16:27:49 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 16:27:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 16:27:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 16:27:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:27:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 16:27:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 16:27:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 16:27:47 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 16:27:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:27:46 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 16:27:46 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 16:27:46 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 16:27:45 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 16:27:44 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 16:27:44 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 16:27:44 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 16:27:44 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 16:27:43 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 16:27:43 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 16:27:18 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 16:27:17 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 16:27:14 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 16:27:08 ----A---- C:\Windows\system32\drivers\stream.sys
2015-05-18 22:45:11 ----D---- C:\Program Files (x86)\Google
2015-05-13 22:42:25 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 22:42:24 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 20:09:33 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 20:09:32 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 20:05:03 ----A---- C:\Windows\system32\services.exe
2015-05-13 20:04:06 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 20:04:06 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 20:04:06 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 20:03:25 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 20:03:25 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 20:03:24 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 20:03:18 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 20:03:18 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 20:03:13 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 20:03:13 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 19:59:35 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 19:59:35 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 19:59:35 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 19:59:35 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 19:59:35 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 19:59:35 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 19:59:35 ----A---- C:\Windows\system32\aelupsvc.dll

======List of files/folders modified in the last 1 month======

2015-06-12 14:46:12 ----D---- C:\Program Files\trend micro
2015-06-12 14:45:49 ----D---- C:\Windows\Temp
2015-06-12 14:41:03 ----D---- C:\Program Files (x86)\Steam
2015-06-12 14:40:52 ----D---- C:\Windows\system32\LogFiles
2015-06-12 14:40:52 ----D---- C:\Windows\Prefetch
2015-06-12 14:40:48 ----D---- C:\Windows\System32
2015-06-12 14:40:48 ----D---- C:\Windows\Minidump
2015-06-12 14:40:48 ----D---- C:\Windows\inf
2015-06-12 14:40:48 ----D---- C:\Windows\debug
2015-06-12 14:40:48 ----D---- C:\Windows
2015-06-12 14:27:29 ----D---- C:\ProgramData\MFAData
2015-06-12 14:24:31 ----D---- C:\Windows\system32\config
2015-06-11 22:10:51 ----D---- C:\Windows\winsxs
2015-06-11 21:48:25 ----SHD---- C:\Windows\Installer
2015-06-10 21:58:08 ----D---- C:\Windows\SysWOW64
2015-06-10 21:58:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-10 21:41:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-10 21:33:53 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-10 21:33:52 ----SD---- C:\Windows\system32\CompatTel
2015-06-10 21:33:52 ----D---- C:\Windows\system32\appraiser
2015-06-10 21:33:52 ----D---- C:\Program Files\Windows Media Player
2015-06-10 21:33:51 ----D---- C:\Windows\AppPatch
2015-06-10 21:33:48 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-10 21:33:45 ----D---- C:\Windows\system32\en-US
2015-06-10 21:33:41 ----D---- C:\Windows\system32\drivers
2015-06-10 21:33:36 ----D---- C:\Program Files\Internet Explorer
2015-06-10 21:33:35 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 21:33:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-10 16:38:50 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 16:37:13 ----D---- C:\Windows\system32\MRT
2015-06-10 16:31:57 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 16:30:37 ----SHD---- C:\System Volume Information
2015-06-10 16:23:27 ----D---- C:\Windows\system32\catroot2
2015-05-31 22:11:53 ----D---- C:\Users\Kic\AppData\Roaming\Skype
2015-05-28 16:46:46 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-28 16:46:46 ----SD---- C:\Windows\system32\GWX
2015-05-28 00:32:26 ----D---- C:\Windows\SoftwareDistribution
2015-05-24 17:47:47 ----D---- C:\Windows\rescache
2015-05-24 16:10:19 ----D---- C:\ProgramData\Skype
2015-05-18 22:45:29 ----RD---- C:\Program Files (x86)
2015-05-18 22:45:23 ----D---- C:\Windows\Tasks
2015-05-16 10:41:15 ----D---- C:\Windows\Microsoft.NET
2015-05-16 10:36:49 ----RSD---- C:\Windows\assembly
2015-05-15 21:21:33 ----D---- C:\Program Files\Windows Journal
2015-05-15 21:21:32 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-15 21:21:25 ----D---- C:\Windows\system32\DriverStore
2015-05-15 21:21:24 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-15 21:20:52 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-15 21:20:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-05-07 253920]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-05-07 220128]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2015-03-20 67040]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-04-27 284128]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-04-15 256992]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-05-04 291296]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2014-07-31 169048]
R3 JME;JMicron Ethernet Adapter NDIS6.0 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-05 124896]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-31 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-05-18 1522664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-05-18 3438544]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-05-18 311792]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vToolbarUpdater18.4.0;vToolbarUpdater18.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [2015-03-04 1875480]
R2 WtuSystemSupport;WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2015-03-04 620056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-02-25 237864]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Idea]

OTL logfile created on: 14. 6. 2015 14:23:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kic\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,86 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 53,14% Memory free
7,71 Gb Paging File | 5,63 Gb Available in Paging File | 73,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 211,34 Gb Free Space | 70,92% Space Free | Partition Type: NTFS

Computer Name: KICPC | User Name: Kic | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/06/14 13:15:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kic\Desktop\OTL.exe
PRC - [2015/05/18 11:54:26 | 003,438,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
PRC - [2015/05/18 11:49:54 | 003,745,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
PRC - [2015/05/18 11:47:26 | 001,522,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
PRC - [2015/05/18 11:45:46 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
PRC - [2015/03/04 19:25:43 | 003,033,112 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
PRC - [2015/03/04 19:25:43 | 001,875,480 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe
PRC - [2015/03/04 19:25:43 | 001,402,392 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
PRC - [2015/03/04 19:25:43 | 000,620,056 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
PRC - [2015/03/04 19:25:43 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\loggingserver.exe
PRC - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/02/05 10:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe


========== Modules (No Company Name) ==========

MOD - [2015/06/05 20:22:13 | 001,281,864 | ---- | M] () -- C:\Users\Kic\AppData\Local\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
MOD - [2015/06/05 20:22:12 | 000,080,712 | ---- | M] () -- C:\Users\Kic\AppData\Local\Google\Chrome\Application\43.0.2357.124\libegl.dll
MOD - [2015/03/04 19:25:44 | 040,630,296 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
MOD - [2015/03/04 19:25:44 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\log4cplusU.dll
MOD - [2015/03/04 19:25:43 | 003,033,112 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
MOD - [2014/12/16 10:29:32 | 001,686,552 | ---- | M] () -- C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015/05/25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015/05/22 20:47:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/30 05:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015/06/12 14:57:04 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/05/18 11:54:26 | 003,438,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2015/05/18 11:47:26 | 001,522,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe -- (avgfws)
SRV - [2015/05/18 11:45:46 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2015/03/04 19:25:43 | 001,875,480 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe -- (vToolbarUpdater18.4.0)
SRV - [2015/03/04 19:25:43 | 000,620,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- (WtuSystemSupport)
SRV - [2015/02/25 22:12:30 | 000,237,864 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Windows\SysWOW64\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2015/02/18 20:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/23 06:32:08 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015/05/07 13:50:22 | 000,378,336 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2015/05/07 13:49:24 | 000,253,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2015/05/07 13:49:22 | 000,220,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2015/05/04 14:14:30 | 000,291,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2015/04/27 13:19:16 | 000,284,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2015/04/15 13:06:02 | 000,256,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2015/03/20 12:20:42 | 000,067,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2015/03/20 12:18:18 | 000,040,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2015/03/11 12:16:06 | 000,162,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2015/01/31 05:04:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/07/31 23:07:58 | 000,169,048 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2013/04/30 06:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 06:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/30 04:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/05 17:12:38 | 000,124,896 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME)
DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/08/09 01:21:00 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={A4AFCB01 ... 2014-12-16 09:30:17&v=4.1.0.411&pid=wtu&sg=&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F3 DC E5 D8 8B AB CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://mysearch.avg.com/search?cid={A4 ... 2014-12-16 09:30:17&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kic\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kic\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)


[2014/08/26 20:51:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kic\AppData\Roaming\Mozilla\Extensions
[2014/08/26 20:51:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kic\AppData\Roaming\Mozilla\Extensions\express@postbox-inc.com

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.1.2.604_0\
CHR - Extension: No name found = C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AVG Web TuneUp) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll (AVG)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Web TuneUp\vprot.exe ()
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.27.7.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A3A3415-D994-4BA6-8372-7AB646CCA3F6}: DhcpNameServer = 172.27.7.1 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015/06/14 13:15:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kic\Desktop\OTL.exe
[2015/06/12 14:46:07 | 000,000,000 | ---D | C] -- C:\rsit
[2015/06/07 01:20:56 | 000,000,000 | ---D | C] -- C:\Users\Kic\Desktop\100ANDRO
[2015/06/02 15:42:16 | 000,000,000 | ---D | C] -- C:\Users\Kic\AppData\Local\Avg
[2015/06/01 18:04:46 | 000,000,000 | ---D | C] -- C:\Users\Kic\AppData\Local\GWX
[2015/05/18 22:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

========== Files - Modified Within 30 Days ==========

[2015/06/14 14:24:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/06/14 13:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/06/14 13:51:03 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2222809053-3503638496-147696768-1001UA.job
[2015/06/14 13:15:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kic\Desktop\OTL.exe
[2015/06/14 13:15:04 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/06/14 13:15:04 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/06/14 13:13:27 | 006,112,256 | ---- | M] () -- C:\Users\Kic\Documents\Outlook.pst
[2015/06/14 13:13:27 | 000,525,312 | ---- | M] () -- C:\Users\Kic\Documents\archive.pst
[2015/06/14 13:06:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/06/14 13:06:21 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2015/06/12 17:45:57 | 000,420,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/06/12 14:30:51 | 001,222,144 | ---- | M] () -- C:\Users\Kic\Desktop\RSITx64.exe
[2015/06/11 22:50:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2222809053-3503638496-147696768-1001Core.job
[2015/06/10 21:51:51 | 000,002,365 | ---- | M] () -- C:\Users\Kic\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/06/10 21:41:58 | 000,786,622 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/06/10 21:41:58 | 000,657,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/06/10 21:41:58 | 000,123,218 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/06/01 22:34:44 | 000,003,493 | ---- | M] () -- C:\Users\Kic\Desktop\49408683.jpg
[2015/06/01 22:22:20 | 001,010,194 | ---- | M] () -- C:\Users\Kic\Desktop\DSC_0236.JPG
[2015/06/01 22:12:49 | 001,029,711 | ---- | M] () -- C:\Users\Kic\Desktop\DSC_0238.JPG

========== Files Created - No Company Name ==========

[2015/06/14 13:20:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/06/12 17:45:43 | 000,420,544 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/06/12 14:31:00 | 001,222,144 | ---- | C] () -- C:\Users\Kic\Desktop\RSITx64.exe
[2015/06/01 22:34:43 | 000,003,493 | ---- | C] () -- C:\Users\Kic\Desktop\49408683.jpg
[2015/06/01 22:25:36 | 001,378,144 | ---- | C] () -- C:\Users\Kic\Desktop\DSC_0150.JPG
[2015/06/01 22:25:36 | 001,248,990 | ---- | C] () -- C:\Users\Kic\Desktop\DSC_0148.JPG
[2015/06/01 22:25:36 | 001,145,783 | ---- | C] () -- C:\Users\Kic\Desktop\DSC_0149.JPG
[2015/06/01 22:25:35 | 000,953,615 | ---- | C] () -- C:\Users\Kic\Desktop\DSC_0142.JPG
[2015/06/01 22:21:55 | 001,029,711 | ---- | C] () -- C:\Users\Kic\Desktop\DSC_0238.JPG
[2015/06/01 22:21:55 | 001,010,194 | ---- | C] () -- C:\Users\Kic\Desktop\DSC_0236.JPG
[2014/07/30 02:08:06 | 000,770,932 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/30 02:02:06 | 000,271,264 | ---- | C] () -- C:\Windows\SysWow64\vbrun100.dll
[2014/07/30 02:02:05 | 000,921,665 | ---- | C] () -- C:\Windows\SysWow64\msvcrt-ruby18.dll
[2014/07/30 02:02:05 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll
[2014/07/30 02:02:05 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\pythonw.exe
[2014/07/30 02:02:05 | 000,026,624 | ---- | C] () -- C:\Windows\SysWow64\python.exe
[2014/07/30 02:02:05 | 000,020,537 | ---- | C] () -- C:\Windows\SysWow64\rubyw.exe
[2014/07/30 02:02:05 | 000,020,536 | ---- | C] () -- C:\Windows\SysWow64\ruby.exe
[2014/07/30 01:46:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015/02/26 00:58:27 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\.mono
[2015/01/22 00:18:34 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\AVG2015
[2014/10/27 11:34:36 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\CDTPL
[2014/10/16 17:01:15 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\eM Client
[2015/02/25 20:08:51 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Firefly Studios
[2014/08/03 07:09:25 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\LolClient
[2015/03/30 20:42:13 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Mumble
[2014/08/26 20:30:28 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\OpenOffice
[2014/08/26 20:51:12 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Postbox
[2014/08/03 00:15:51 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Riot Games
[2014/10/16 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Thunderbird
[2014/07/30 02:56:19 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\TuneUp Software
[2015/04/18 21:09:27 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Vertical_Drop_Heroes_HD

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,580 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/07/30 02:22:34 | 000,000,886 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2222809053-3503638496-147696768-1001Core.job
[2014/07/30 02:22:36 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2222809053-3503638496-147696768-1001UA.job
[2014/07/30 20:13:06 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/02/12 20:33:24 | 000,000,702 | ---- | C] () -- C:\Windows\Tasks\Open Chrome.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2015/02/03 05:50:56 | 000,190,976 | ---- | M] (Microsoft Corporation) MD5=00D0F7BA3B27126A3E25B540979A9F39 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_d492bbeccaa14239\cryptsvc.dll
[2012/06/02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010/11/20 15:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2015/02/03 05:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=1CD76A83B9E8E9A5A3519B39E28354D9 -- C:\Windows\SysNative\cryptsvc.dll
[2015/02/03 05:30:56 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=1CD76A83B9E8E9A5A3519B39E28354D9 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_d4021b35b189f3e7\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2012/06/02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2015/02/03 05:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=49474B3E37969AF4B5C076F42B623AFF -- C:\Windows\SysWOW64\cryptsvc.dll
[2015/02/03 05:12:14 | 000,143,872 | ---- | M] (Microsoft Corporation) MD5=49474B3E37969AF4B5C076F42B623AFF -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_77e37fb1f92c82b1\cryptsvc.dll
[2012/06/04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2015/02/03 05:31:49 | 000,145,920 | ---- | M] (Microsoft Corporation) MD5=B97E16D36DB7B7DD22C97857506FA58A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_787420691243d103\cryptsvc.dll
[2012/06/02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012/06/02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012/06/02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011/11/17 09:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2015/05/25 20:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=17A6A9AAD04CCC6EE53290585BFC43AF -- C:\Windows\SysNative\lsass.exe
[2015/05/25 20:18:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=17A6A9AAD04CCC6EE53290585BFC43AF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18869_none_043f70f1738eddf5\lsass.exe
[2015/01/14 08:04:46 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=1E31700D9C9E0FB79999D02A8437482C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18717_none_04737e137368226b\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2015/05/25 20:21:24 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=2A953A1104439BA166FD63A5806A16DF -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23072_none_04b713ec8cbb1b91\lsass.exe
[2014/09/19 11:42:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=341655B216721D89CADE9DEA2F33872F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[2015/04/04 05:20:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=4C3FAC816925F73A34AD52F1F7C0A7EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18812_none_046e7e87736ca0df\lsass.exe
[2015/01/10 09:09:08 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=55C62F66528A7BF58EA964B70BCB3D96 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22920_none_04eb4ad28c9429ec\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22923_none_04ee4bb08c9175f1\lsass.exe
[2015/02/03 05:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=7554A1B82B4A222FD4CC292ABD38A558 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18741_none_044d0c937385de34\lsass.exe
[2012/08/24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\SoftwareDistribution\Download\142cee68d348d7f371efb2bd1148f547\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2015/04/27 21:22:35 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9262D6E2C239EDD6D87B080F2BCCEC9F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18839_none_045fe0b573768a22\lsass.exe
[2014/09/19 11:47:37 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B84317193B6A29F5F5DCF538C34FDCED -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
[2015/04/04 05:25:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BB9C1B746086558899935E3333CD4580 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23017_none_04fcf4e68c85f29e\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2015/01/10 08:47:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C8152B86C0F12E61B0AD5C95751547D3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18714_none_04707d35736ad666\lsass.exe
[2015/03/17 07:15:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=CA4FC33FB22D92368A0B221092B46374 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18798_none_041dfefd73a81b4a\lsass.exe
[2015/02/03 05:50:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=CBB80CC43E683F929F8D5E50330F7BA6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22948_none_04ddad4a8c9d2c86\lsass.exe
[2011/11/17 08:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2015/04/27 21:16:19 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D52C700254E7FBD9BF6D817BA7BA5309 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23040_none_04d5831c8ca49510\lsass.exe
[2015/03/17 07:11:03 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=DCCDD65A4E68360E5CF57AFC864C64E0 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.23002_none_0502c3608c8257fa\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010/11/20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 15:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011/03/11 08:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011/03/11 08:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2015/03/17 07:16:11 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=0B6514A14631E41DE4D6D40D1C80BE68 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18798_none_0a0e1c38300e82ce\smss.exe
[2015/05/25 20:21:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18196A0F4C3904C81ACE6E91529227D9 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23072_none_0aa7312749218315\smss.exe
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2015/03/17 07:11:20 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=206A6B71AC09D9F7651F0A8B015676C7 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23002_none_0af2e09b48e8bf7e\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22923_none_0ade68eb48f7dd75\smss.exe
[2013/03/19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2015/02/03 05:30:42 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=63D3C30B497347495B8EA78A38188969 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe
[2013/03/19 05:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2015/02/03 05:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=8CD5A97B8D155718D357B2D9BC6B113D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe
[2015/05/25 20:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\SysNative\smss.exe
[2015/05/25 20:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18869_none_0a2f8e2c2ff54579\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2015/04/27 21:17:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CF8DC00FA29243A347AD4B605AFFF1E5 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23040_none_0ac5a057490afc94\smss.exe
[2015/04/27 21:22:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=DA5EF2CC0764BE7097BAFA9CAF903FE8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18839_none_0a4ffdf02fdcf1a6\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013/03/19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[88 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015/02/26 00:58:27 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\.mono
[2014/10/16 17:55:32 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Adobe
[2014/07/31 23:27:54 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\ATI
[2015/01/22 00:18:34 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\AVG2015
[2014/10/27 11:34:36 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\CDTPL
[2014/10/16 17:01:15 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\eM Client
[2015/02/25 20:08:51 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Firefly Studios
[2014/07/30 02:12:56 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Identities
[2014/08/03 07:09:25 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\LolClient
[2014/08/03 07:09:23 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Macromedia
[2009/07/14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Media Center Programs
[2015/03/17 12:21:43 | 000,000,000 | --SD | M] -- C:\Users\Kic\AppData\Roaming\Microsoft
[2014/08/26 20:51:13 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Mozilla
[2015/03/30 20:42:13 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Mumble
[2014/08/26 20:30:28 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\OpenOffice
[2014/08/26 20:51:12 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Postbox
[2014/08/03 00:15:51 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Riot Games
[2015/05/31 22:11:53 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Skype
[2014/10/16 17:57:51 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Thunderbird
[2014/07/30 02:56:19 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\TuneUp Software
[2015/04/18 21:09:27 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\Vertical_Drop_Heroes_HD
[2015/02/26 22:31:30 | 000,000,000 | ---D | M] -- C:\Users\Kic\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/06/14 13:08:36 | 000,170,254 | ---- | M] () -- C:\Windows\system32\debug.log
[2015/06/12 14:57:03 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2015/06/12 14:57:03 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2015/04/23 16:56:20 | 008,204,056 | ---- | M] (Piriform Ltd)
"Google Update" = "C:\Users\Kic\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2014/07/30 02:22:19 | 000,116,648 | ---- | M] (Google Inc.)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/06/14 14:24:55 | 000,000,512 | ---- | M] () MD5=6D7F2C067ABC5A78B18477E878663B63 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

[Idea]

< *loader* /s >
[2014/12/16 10:29:29 | 000,004,178 | ---- | M] () -- \Program Files (x86)\AVG Web TuneUp\Chrome\content\icons\loader.gif
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012/11/01 10:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/11/01 10:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/09/05 00:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/09/05 00:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014/12/10 03:28:04 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2014/11/11 20:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014/08/03 01:24:57 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.148\deploy\assets\storeImages\layout\small_loader.gif
[2015/04/07 13:04:48 | 000,004,178 | ---- | M] () -- \Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn\4.1.2.604_0\popup\images\loader.gif
[2015/03/12 12:47:42 | 000,072,638 | ---- | M] () -- \Users\Kic\AppData\Local\Skype\Apps\login\images\loader.gif
[2015/03/12 12:47:42 | 000,003,032 | ---- | M] () -- \Users\Kic\AppData\Local\Skype\Apps\login\images\loader.png
[2015/03/12 12:47:42 | 000,006,012 | ---- | M] () -- \Users\Kic\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2015/03/12 12:47:42 | 000,021,956 | ---- | M] () -- \Users\Kic\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2015/03/12 12:47:42 | 000,009,772 | ---- | M] () -- \Users\Kic\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2015/05/25 22:04:06 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015/05/25 22:02:40 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_da-dk_2ee8d7fb233f596f.manifest
[2015/05/25 21:55:38 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_de-de_2c146d372515ae09.manifest
[2015/05/25 22:00:30 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_el-gr_d4aa9aca142b1697.manifest
[2015/05/25 22:01:40 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_es-es_d4d0a014141aab73.manifest
[2015/05/25 22:00:12 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_fi-fi_73eba4c109349d9d.manifest
[2015/05/25 21:57:09 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_fr-fr_7788161306ecc1d5.manifest
[2015/05/25 22:04:01 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_hu-hu_bef8965aeb4c90f1.manifest
[2015/05/25 22:03:14 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_it-it_61b00c59de1ea753.manifest
[2015/05/25 21:59:06 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_ja-jp_03d58b66d139b92e.manifest
[2015/05/25 21:57:42 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_ko-kr_a73f681bc3aa8044.manifest
[2015/05/25 22:03:03 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_nb-no_8fd1e9509bcfac00.manifest
[2015/05/25 22:04:39 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_nl-nl_8e11348e9cfbb5d5.manifest
[2015/05/25 22:03:16 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_pl-pl_d44d8f10821e2389.manifest
[2015/05/25 22:03:55 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_pt-br_d6a179b480a7b76d.manifest
[2015/05/25 22:03:24 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_pt-pt_d783492080172749.manifest
[2015/05/25 22:04:25 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_ru-ru_1e265ae464f8b575.manifest
[2015/05/25 22:04:07 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_sv-se_ba2145595c21bfd0.manifest
[2015/05/25 22:04:18 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_tr-tr_632e8fa04addc1c1.manifest
[2015/05/25 21:58:57 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_zh-cn_348bad9dfb1593e0.manifest
[2015/05/25 21:51:49 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_zh-hk_3336a62bfbf10670.manifest
[2015/05/25 21:58:36 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_zh-tw_3887eaf3f8867050.manifest
[2015/05/25 22:02:49 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_9fa1cec0681612cc.manifest
[2015/05/25 22:02:38 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_da-dk_3cdbaee75e5c0ecb.manifest
[2015/05/25 21:55:02 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_de-de_3a07442360326365.manifest
[2015/05/25 22:00:29 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_el-gr_e29d71b64f47cbf3.manifest
[2015/05/25 20:25:03 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_e2f81a1c4f106f2a.manifest
[2015/05/25 22:00:55 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_es-es_e2c377004f3760cf.manifest
[2015/05/25 22:00:10 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_fi-fi_81de7bad445152f9.manifest
[2015/05/25 21:56:43 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_fr-fr_857aecff42097731.manifest
[2015/05/25 22:02:44 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_hu-hu_cceb6d472669464d.manifest
[2015/05/25 22:01:52 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_it-it_6fa2e346193b5caf.manifest
[2015/05/25 21:58:36 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_ja-jp_11c862530c566e8a.manifest
[2015/05/25 21:57:20 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_ko-kr_b5323f07fec735a0.manifest
[2015/05/25 22:03:00 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_nb-no_9dc4c03cd6ec615c.manifest
[2015/05/25 22:03:03 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_nl-nl_9c040b7ad8186b31.manifest
[2015/05/25 22:02:03 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_pl-pl_e24065fcbd3ad8e5.manifest
[2015/05/25 22:02:33 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_pt-br_e49450a0bbc46cc9.manifest
[2015/05/25 22:02:05 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_pt-pt_e576200cbb33dca5.manifest
[2015/05/25 22:02:52 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_ru-ru_2c1931d0a0156ad1.manifest
[2015/05/25 22:02:49 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_sv-se_c8141c45973e752c.manifest
[2015/05/25 22:02:58 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_tr-tr_7121668c85fa771d.manifest
[2015/05/25 21:58:29 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_zh-cn_427e848a3632493c.manifest
[2015/05/25 21:51:48 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_zh-hk_41297d18370dbbcc.manifest
[2015/05/25 21:58:18 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_zh-tw_467ac1e033a325ac.manifest
[2015/05/25 20:45:52 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5b94cfccf8026155b37fdc15c738f964\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_9e5b180c9a8720cf.manifest
[2015/02/03 06:49:45 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015/02/03 06:51:44 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_da-dk_2e7ed0a20a0a1c12.manifest
[2015/02/03 07:01:30 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_de-de_2baa65de0be070ac.manifest
[2015/02/03 06:52:01 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_el-gr_d4409370faf5d93a.manifest
[2015/02/03 05:35:06 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2015/02/03 06:54:17 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_es-es_d46698bafae56e16.manifest
[2015/02/03 06:50:59 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_fi-fi_73819d67efff6040.manifest
[2015/02/03 07:01:17 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_fr-fr_771e0eb9edb78478.manifest
[2015/02/03 06:53:20 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_hu-hu_be8e8f01d2175394.manifest
[2015/02/03 06:54:42 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_it-it_61460500c4e969f6.manifest
[2015/02/03 07:03:54 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_ja-jp_036b840db8047bd1.manifest
[2015/02/03 07:02:43 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_ko-kr_a6d560c2aa7542e7.manifest
[2015/02/03 06:53:28 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_nb-no_8f67e1f7829a6ea3.manifest
[2015/02/03 06:54:30 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_nl-nl_8da72d3583c67878.manifest
[2015/02/03 06:51:23 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_pl-pl_d3e387b768e8e62c.manifest
[2015/02/03 06:51:59 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_pt-br_d637725b67727a10.manifest
[2015/02/03 06:51:51 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_pt-pt_d71941c766e1e9ec.manifest
[2015/02/03 06:54:19 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_ru-ru_1dbc538b4bc37818.manifest
[2015/02/03 06:54:32 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_sv-se_b9b73e0042ec8273.manifest
[2015/02/03 06:54:09 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_tr-tr_62c4884731a88464.manifest
[2015/02/03 07:04:21 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_zh-cn_3421a644e1e05683.manifest
[2015/02/03 07:00:19 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_zh-hk_32cc9ed2e2bbc913.manifest
[2015/02/03 07:03:27 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_zh-tw_381de39adf5132f3.manifest
[2015/02/03 07:30:16 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015/02/03 07:26:12 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_da-dk_2f0f715923216a64.manifest
[2015/02/03 07:24:05 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_de-de_2c3b069524f7befe.manifest
[2015/02/03 07:27:22 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_el-gr_d4d13428140d278c.manifest
[2015/02/03 05:54:55 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_d52bdc8e13d5cac3.manifest
[2015/02/03 07:30:47 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_es-es_d4f7397213fcbc68.manifest
[2015/02/03 07:29:26 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_fi-fi_74123e1f0916ae92.manifest
[2015/02/03 07:22:37 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_fr-fr_77aeaf7106ced2ca.manifest
[2015/02/03 07:30:38 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_hu-hu_bf1f2fb8eb2ea1e6.manifest
[2015/02/03 07:30:23 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_it-it_61d6a5b7de00b848.manifest
[2015/02/03 07:24:12 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_ja-jp_03fc24c4d11bca23.manifest
[2015/02/03 07:24:25 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_ko-kr_a7660179c38c9139.manifest
[2015/02/03 07:25:23 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_nb-no_8ff882ae9bb1bcf5.manifest
[2015/02/03 07:28:55 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_nl-nl_8e37cdec9cddc6ca.manifest
[2015/02/03 07:27:51 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_pl-pl_d474286e8200347e.manifest
[2015/02/03 07:28:29 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_pt-br_d6c813128089c862.manifest
[2015/02/03 07:30:45 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_pt-pt_d7a9e27e7ff9383e.manifest
[2015/02/03 07:29:40 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_ru-ru_1e4cf44264dac66a.manifest
[2015/02/03 07:27:45 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_sv-se_ba47deb75c03d0c5.manifest
[2015/02/03 07:30:44 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_tr-tr_635528fe4abfd2b6.manifest
[2015/02/03 07:24:05 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_zh-cn_34b246fbfaf7a4d5.manifest
[2015/02/03 07:23:15 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_zh-hk_335d3f89fbd31765.manifest
[2015/02/03 07:25:24 | 000,004,431 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_zh-tw_38ae8451f8688145.manifest
[2015/02/03 05:51:30 | 000,005,744 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015/02/03 06:17:47 | 000,005,744 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015/02/03 06:49:13 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9f37c7674ee0d56f.manifest
[2015/02/03 06:51:43 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_da-dk_3c71a78e4526d16e.manifest
[2015/02/03 07:00:56 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_de-de_399d3cca46fd2608.manifest
[2015/02/03 06:52:00 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_el-gr_e2336a5d36128e96.manifest
[2015/02/03 05:34:57 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_e28e12c335db31cd.manifest
[2015/02/03 06:53:15 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_es-es_e2596fa736022372.manifest
[2015/02/03 06:50:58 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_fi-fi_817474542b1c159c.manifest
[2015/02/03 07:00:44 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_fr-fr_8510e5a628d439d4.manifest
[2015/02/03 06:52:25 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_hu-hu_cc8165ee0d3408f0.manifest
[2015/02/03 06:53:58 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_it-it_6f38dbed00061f52.manifest
[2015/02/03 07:03:20 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_ja-jp_115e5af9f321312d.manifest
[2015/02/03 07:02:12 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_ko-kr_b4c837aee591f843.manifest
[2015/02/03 06:53:27 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_nb-no_9d5ab8e3bdb723ff.manifest
[2015/02/03 06:53:33 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_nl-nl_9b9a0421bee32dd4.manifest
[2015/02/03 06:50:43 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_pl-pl_e1d65ea3a4059b88.manifest
[2015/02/03 06:51:09 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_pt-br_e42a4947a28f2f6c.manifest
[2015/02/03 06:51:08 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_pt-pt_e50c18b3a1fe9f48.manifest
[2015/02/03 06:53:23 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_ru-ru_2baf2a7786e02d74.manifest
[2015/02/03 06:53:49 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_sv-se_c7aa14ec7e0937cf.manifest
[2015/02/03 06:53:21 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_tr-tr_70b75f336cc539c0.manifest
[2015/02/03 07:03:51 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_zh-cn_42147d311cfd0bdf.manifest
[2015/02/03 07:00:19 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_zh-hk_40bf75bf1dd87e6f.manifest
[2015/02/03 07:02:58 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_zh-tw_4610ba871a6de84f.manifest
[2015/02/03 07:29:03 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_9fc8681e67f823c1.manifest
[2015/02/03 07:26:11 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_da-dk_3d0248455e3e1fc0.manifest
[2015/02/03 07:23:44 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_de-de_3a2ddd816014745a.manifest
[2015/02/03 07:27:20 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_el-gr_e2c40b144f29dce8.manifest
[2015/02/03 05:54:34 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_e31eb37a4ef2801f.manifest
[2015/02/03 07:29:42 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_es-es_e2ea105e4f1971c4.manifest
[2015/02/03 07:29:25 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_fi-fi_8205150b443363ee.manifest
[2015/02/03 07:22:05 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_fr-fr_85a1865d41eb8826.manifest
[2015/02/03 07:29:37 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_hu-hu_cd1206a5264b5742.manifest
[2015/02/03 07:29:03 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_it-it_6fc97ca4191d6da4.manifest
[2015/02/03 07:23:52 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_ja-jp_11eefbb10c387f7f.manifest
[2015/02/03 07:24:01 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_ko-kr_b558d865fea94695.manifest
[2015/02/03 07:25:22 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_nb-no_9deb599ad6ce7251.manifest
[2015/02/03 07:28:08 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_nl-nl_9c2aa4d8d7fa7c26.manifest
[2015/02/03 07:26:55 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_pl-pl_e266ff5abd1ce9da.manifest
[2015/02/03 07:27:42 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_pt-br_e4bae9febba67dbe.manifest
[2015/02/03 07:29:44 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_pt-pt_e59cb96abb15ed9a.manifest
[2015/02/03 07:28:33 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_ru-ru_2c3fcb2e9ff77bc6.manifest
[2015/02/03 07:26:51 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_sv-se_c83ab5a397208621.manifest
[2015/02/03 07:29:45 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_tr-tr_7147ffea85dc8812.manifest
[2015/02/03 07:23:44 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_zh-cn_42a51de836145a31.manifest
[2015/02/03 07:23:15 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_zh-hk_4150167636efccc1.manifest
[2015/02/03 07:25:01 | 000,004,434 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_zh-tw_46a15b3e338536a1.manifest
[2015/02/03 05:51:36 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_9df110b38151e372.manifest
[2015/02/03 06:17:51 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9d417fce8d923f9d64bd8f3891b4d730\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_9e81b16a9a6931c4.manifest
[2015/05/25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2010/04/29 15:18:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010/04/29 15:41:02 | 000,009,622 | R--- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2015/05/25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2010/04/29 15:18:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010/04/29 15:41:02 | 000,009,622 | R--- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/17 07:11:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_6885643192acd650\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/27 21:16:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 05:20:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_68ba756992852e6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/25 20:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/17 07:05:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_696a2894ab871300\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/27 21:10:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 07:58:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_6945eaeaaba13425\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/25 20:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/10 23:13:01 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2015/03/10 23:13:01 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winload.efi.mui_35ee487d
[2015/03/10 23:13:01 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winload.exe.mui_3bc5b827
[2015/03/10 23:13:01 | 000,029,624 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winresume.efi.mui_f412814e
[2015/03/10 23:13:01 | 000,029,632 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winresume.exe.mui_ff8b5358
[2015/03/10 23:13:02 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015/03/10 23:13:02 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.efi_75834aa0
[2015/03/10 23:13:02 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.exe_75835076
[2015/03/10 23:13:02 | 000,616,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.efi_85cd069f
[2015/03/10 23:13:02 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015/05/13 22:55:17 | 000,000,616 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009/07/14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2015/02/03 05:35:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2015/01/16 08:36:33 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_d53c7af413ca142e.manifest
[2015/02/03 05:54:55 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_d52bdc8e13d5cac3.manifest
[2015/03/17 07:14:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_d550f2a413baf637.manifest
[2015/04/27 21:23:13 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_d523b26013dd334d.manifest
[2015/05/25 20:25:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_d505433013f3b9ce.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015/02/03 05:51:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2015/01/16 08:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015/02/03 06:17:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015/03/17 07:34:28 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_b9def2d09c5e000c.manifest
[2015/04/27 21:40:54 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015/05/25 20:45:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/17 06:50:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_0c66c8adda4f651a\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/27 20:59:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/17 06:42:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_0d4b8d10f329a1ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/27 20:52:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/25 20:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2015/04/15 23:18:10 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.40416.0\System.Runtime.Serialization.dll
[2015/05/13 22:41:32 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.40416.0\System.Runtime.Serialization.ni.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2015/04/16 00:30:32 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40416.0\System.Runtime.Serialization.dll
[2015/05/13 22:42:04 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.40416.0\System.Runtime.Serialization.ni.dll
[2014/07/11 00:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/06/24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/10/16 08:58:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/10/17 09:24:11 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014/10/16 09:02:07 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/10/17 09:30:25 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2015/03/10 14:36:35 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015/03/10 14:36:35 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a94049de665f1854ea5df1a857b2c68f\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015/03/10 14:39:18 | 002,855,424 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll
[2015/03/10 14:39:18 | 000,000,996 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll.aux
[2015/03/11 13:07:05 | 000,025,600 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll
[2015/03/11 13:07:05 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\ad0261438ff8f46e093faa717226ebef\System.Xml.Serialization.ni.dll.aux
[2015/03/11 13:09:36 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\769e80c5193dedd5ef90a962c002d15a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2015/03/11 13:09:36 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\769e80c5193dedd5ef90a962c002d15a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2015/03/11 13:34:52 | 003,597,312 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\cdca00d5c58d31de2503310a31ca096f\System.Runtime.Serialization.ni.dll
[2015/03/11 13:34:52 | 000,000,996 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\cdca00d5c58d31de2503310a31ca096f\System.Runtime.Serialization.ni.dll.aux
[2015/03/11 13:36:36 | 000,027,648 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\85b2d15d965e64489744325c53d91db0\System.Xml.Serialization.ni.dll
[2015/03/11 13:36:36 | 000,000,284 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\85b2d15d965e64489744325c53d91db0\System.Xml.Serialization.ni.dll.aux
[2014/04/12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll.amd64
[2014/04/12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll.x86
[2014/04/12 01:48:40 | 001,051,888 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\6414876250E69FF3395387C6C7F05BEB\4.5.51209\System.Runtime.Serialization.dll_gac_x86
[2014/04/12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/04/12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2014/04/12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014/04/12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/04/12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014/04/12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2014/04/12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014/04/12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014/04/12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014/04/12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014/04/12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2014/04/12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014/06/24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2014/04/12 01:48:40 | 000,133,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2014/04/12 00:08:06 | 000,029,472 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2014/04/12 00:08:06 | 000,029,512 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2014/04/12 00:08:06 | 000,029,976 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2014/04/12 00:08:06 | 000,045,800 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2014/04/12 00:08:06 | 000,029,928 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009/07/14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2009/07/14 04:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009/07/14 04:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009/06/10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010/11/05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2014/03/09 23:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014/07/11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2014/03/17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014/07/08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2009/06/10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010/11/05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2014/03/09 23:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014/07/11 00:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2014/03/17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014/07/08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2014/07/31 19:43:11 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2014/07/31 19:43:11 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009/07/14 07:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009/07/14 07:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 15:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011/02/05 15:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011/02/05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009/07/14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010/11/20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2014/07/02 08:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014/07/14 04:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2014/07/02 08:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014/07/14 04:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2009/07/14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010/11/20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2014/07/02 08:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014/07/14 04:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2014/07/02 08:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014/07/14 04:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2009/07/14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2014/07/02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014/07/14 04:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2014/07/02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014/07/14 04:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2009/07/14 04:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2014/07/02 08:12:55 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_en-us_8f47fbdfbfd0e755.manifest
[2014/07/14 04:07:18 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_en-us_8f4912f1bfcfe70b.manifest
[2014/07/02 08:12:12 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_en-us_787b5545d9776103.manifest
[2014/07/14 03:56:59 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_en-us_787c558fd9767a5a.manifest
[2009/07/14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2014/07/02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014/07/14 04:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2014/07/02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014/07/14 04:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2009/07/14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2014/07/02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014/07/14 04:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2014/07/02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014/07/14 04:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2014/03/09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014/07/11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2014/03/17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014/07/08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2009/06/10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2014/03/09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2014/03/17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014/07/08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2009/07/14 04:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/06/10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2014/03/09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2014/03/17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014/07/08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

[Idea]

OTL Extras logfile created on: 14. 6. 2015 14:23:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kic\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,86 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 53,14% Memory free
7,71 Gb Paging File | 5,63 Gb Available in Paging File | 73,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 211,34 Gb Free Space | 70,92% Space Free | Partition Type: NTFS

Computer Name: KICPC | User Name: Kic | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05C92EDE-D28A-48D1-99B9-3EC901A224BC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{07C9D59C-0A59-4A0D-8D68-BCEE2AD41AAE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0967AEBE-1F3E-4A8B-B3E0-9D2FFA59CC18}" = rport=445 | protocol=6 | dir=out | app=system |
"{0CDF79A7-66A9-429C-8D1B-977CF7BACA17}" = rport=137 | protocol=17 | dir=out | app=system |
"{1096F6FA-AD08-479C-AE05-B55B5606AA35}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{13296C0A-041C-45B2-9867-EEB8D048EA82}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2B7F5A72-0E53-4E73-B8FC-8D6B530F63CF}" = rport=139 | protocol=6 | dir=out | app=system |
"{34E97A8C-84D6-43C5-8391-6D6C03327C2A}" = lport=20401 | protocol=6 | dir=in | name=krosport20401 |
"{368CE385-720C-4D95-9AAC-3CC5FC7AB8C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{380C906C-4617-424B-9DCE-2475ED38CB4C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{4DB71969-6CD6-470D-A0A9-9BD33D2C1AAB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5797ED43-66C1-4370-ABD6-5A917905E294}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{58B867C1-DACD-42FE-A501-66F03C06AD10}" = lport=20402 | protocol=6 | dir=in | name=krosport20402 |
"{6C51E91B-BC2C-4699-81F3-6CED54653153}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6F704FF8-09EF-43B7-8F8A-9A8AAEDE6A58}" = lport=138 | protocol=17 | dir=in | app=system |
"{76D89F2C-DB71-488D-A09B-8086A16BBD2D}" = lport=20400 | protocol=6 | dir=in | name=krosport20400 |
"{8024F3EF-BBEA-40F3-A618-0F46FB2B9E29}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80F823B5-323B-457C-A8B3-EA376F3EAFBD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8567E08F-5A17-4F8E-BB5F-688A87BA2E5F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9557A093-0E88-48E3-8A69-892CBD6D8947}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{9591A939-BB94-4A7B-BCDA-AC8043311C91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B2F02D41-F5B5-409D-B8E1-0C3B04C689FA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CEA4245C-7712-4E42-9204-232E291DB2E6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CFCAB46C-CE71-40DB-89C5-CF3FA5D94719}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E3A097BE-B93E-4071-BAC0-71C604FED058}" = lport=139 | protocol=6 | dir=in | app=system |
"{EE49D1F2-1EBE-4294-8663-DE046366830A}" = lport=137 | protocol=17 | dir=in | app=system |
"{F8B18F85-E983-4D5A-9E0E-EC50BE9FAE80}" = rport=138 | protocol=17 | dir=out | app=system |
"{FC29FF38-7F1C-48C6-AD1D-DEB910801A80}" = lport=5353 | protocol=17 | dir=in | app=c:\users\kic\appdata\local\google\chrome\application\chrome.exe |
"{FD3903D2-25C2-4C3A-A17C-1E6B929C136C}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097A789B-C51E-4E84-A265-22D15E9AF523}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{16B7DCEC-D89C-42EB-95F3-C9DBCAC8F5B0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{18760B7C-B4CF-45FD-8BCB-6570ECAA11AA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{1B6FCAD7-ADB7-4266-B2DF-F8C4086BF2CF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{23EAE50D-1D71-4428-A6E6-8029DE00DB8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2681E394-CBE0-4432-AEF3-7338DBA98486}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{2BB1BFF3-010A-4D02-B268-280BCEB4CF6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{338E5549-2474-400E-8004-05B3E4549315}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{33E3006F-FC1E-4542-9816-1374D79DCF81}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3469478E-A494-4320-B809-EC4C3CCD7F6F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{406392F8-7913-4FE7-A624-BBB8A3F49242}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{59ED9641-22B7-4DE3-A279-D54A3A2BF926}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{688BF80A-EC30-4B6E-9E9A-127343BE8114}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6BB88B04-BE13-455A-95F5-076B96E88D18}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7678166D-08F0-44D5-8ADD-A5684808E445}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8E5A4370-08BC-41C5-83C1-6E4B5A85A54B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{8FD46196-ED2A-4FE0-A745-B3BEE512F4FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{9645D13D-3A02-480B-8018-2B0C1A39CA8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A556F8FF-1F9C-4CE9-B776-667641131D64}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B30CE73D-E2AD-47A1-AD50-A836E5F32DCE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{B50BAF70-4EEF-460D-B047-D8B1C9E33E59}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B5DD13C1-B003-44E4-A4D3-957A72AC5CFF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B8D47A68-F483-4BBF-BB4A-1095DF34761B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{B99647F6-5225-43BC-8C5B-93108002F172}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{C86DA5E6-A3F4-408F-AD9B-D356FCD119BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6879A53-7C3D-4D29-8A63-076540DD5460}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D82E2653-1970-4A3C-80D1-DCC57B044EF7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{D93F0D47-3084-4B89-A465-BA72AD27F69C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DDB03BAF-105A-4368-B8A4-BEECDAEFB6F3}" = protocol=6 | dir=out | app=system |
"{E0F45644-DA24-4401-8F0D-845AFE074F5E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{E583F993-9C7F-4E73-B5FE-A0FDB9116E49}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA5A7885-E05D-4A3F-BD03-8E8E8C62137D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EE8079A9-4246-4585-8EE0-5360A4B36557}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F9C85747-6751-4C57-8E77-B76DFA244C24}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034B6AC8-DCF6-585B-2AFD-3FF0D4A559BB}" = AMD Accelerated Video Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{30921AC4-6875-F7DF-B48B-2BB68C000BB6}" = AMD Media Foundation Decoders
"{37FCE154-7F59-74F0-3A35-BF503CEB230B}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C676266-91E4-DC71-E661-13494AC29A3E}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{900A29A0-52BA-4a78-8E6C-5F4F821397CE}" = Canon MF4010 Series
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{999DB5B3-EE44-8837-2B51-4AF44CD1FD22}" = AMD Drag and Drop Transcoding
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{E23970BE-3D5D-4B64-A7D6-0B6E108AB609}" = AVG 2015
"{E243DBE7-0889-45BD-B870-067C4FEF2928}" = AVG 2015
"AVG" = AVG 2015
"CCleaner" = CCleaner

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F14E5B-E07A-2A1E-6788-580773CE1486}" = CCC Help English
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{0A036215-0A8D-6FBE-7EA3-7AED4F9E162A}" = CCC Help Turkish
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15A05AAA-37E7-D516-5BE9-C960C2170403}" = CCC Help Czech
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21E9850E-58C2-FA88-D5AD-B64D253B8F82}" = CCC Help Thai
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.4
"{25A7270E-1B63-DFD1-ACBC-88852A305398}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{28164BD8-81EA-639A-85E9-E659E3EE6DA7}" = Catalyst Control Center InstallProxy
"{2E69E784-F84A-9A18-7D8E-4EB8504EEE1E}" = CCC Help Danish
"{362614E4-9ABB-E7A7-CDDC-239AB168060A}" = CCC Help Japanese
"{4745F6F8-09DA-CC39-EC19-0E8D764CF2B7}" = CCC Help Chinese Standard
"{4FA31DE2-B613-24BB-1738-B655C00B1C9D}" = CCC Help Hungarian
"{58771CF6-F212-CC4D-61B1-45CC70B6375C}" = CCC Help Dutch
"{6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD}" = CCC Help Italian
"{707210B0-29F1-C550-BA96-6ECDA245CF24}" = CCC Help Spanish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{812B956B-37AB-24B9-4527-78A6D3ECE7F8}" = CCC Help Korean
"{83293709-B863-0EF6-00DA-B026D486E8B5}" = CCC Help Polish
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{911904DE-EBB6-BC8E-D5BD-762B7DB42C46}" = CCC Help Greek
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9903011B-5F1D-A2A1-8078-EE62B3324CCE}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7F1628-2126-34A5-852D-2B93328BCF3F}" = CCC Help German
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1051-7B44-AB0000000001}" = Adobe Reader XI (11.0.11) - Slovak
"{AE6C422B-DADB-D547-411C-E9E56DF03D16}" = CCC Help Russian
"{B09567CC-E43F-10F1-752D-549AC7FB0C43}" = CCC Help Finnish
"{B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B}" = CCC Help Norwegian
"{BD96ABD3-D1D4-5513-6C60-11476D6DCFC5}" = Catalyst Control Center Localization All
"{C05905B9-775A-4894-A4DF-B57C15250958}" = Razer Imperator
"{C39C7876-4D21-8A38-0A42-B5C8858EC6C7}" = CCC Help French
"{D4236B82-213F-679E-09A2-9AEB5EF4CADC}" = Catalyst Control Center Graphics Previews Common
"{EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF}" = Catalyst Control Center
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FCEFDA6B-63CD-BB17-B845-478A42E24D39}" = CCC Help Swedish
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"AVG Web TuneUp" = AVG Web TuneUp
"League of Legends 3.0.1" = League of Legends
"PROPLUS" = Microsoft Office Professional Plus 2007
"Steam" = Steam
"Steam App 730" = Counter-Strike: Global Offensive
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12. 6. 2015 11:46:33 | Computer Name = KicPC | Source = Windows Search Service | ID = 7040
Description =

Error - 12. 6. 2015 11:46:33 | Computer Name = KicPC | Source = Windows Search Service | ID = 7042
Description =

Error - 12. 6. 2015 11:46:33 | Computer Name = KicPC | Source = Windows Search Service | ID = 9002
Description =

Error - 12. 6. 2015 11:46:33 | Computer Name = KicPC | Source = Windows Search Service | ID = 3029
Description =

Error - 12. 6. 2015 11:46:36 | Computer Name = KicPC | Source = Windows Search Service | ID = 3029
Description =

Error - 12. 6. 2015 11:46:36 | Computer Name = KicPC | Source = Windows Search Service | ID = 3028
Description =

Error - 12. 6. 2015 11:46:36 | Computer Name = KicPC | Source = Windows Search Service | ID = 3058
Description =

Error - 12. 6. 2015 11:46:36 | Computer Name = KicPC | Source = Windows Search Service | ID = 7010
Description =

Error - 12. 6. 2015 11:47:57 | Computer Name = KicPC | Source = Outlook | ID = 34
Description = Nepodarilo sa načítať správcu rozsahu prehľadávanie obsahu. Chyba=0x80070015.

Error - 12. 6. 2015 11:47:57 | Computer Name = KicPC | Source = Outlook | ID = 35
Description = Nepodarilo sa určiť, či je ukladací priestor v rozsahu prehľadávania
(chyba=0x80070015).

[ System Events ]
Error - 12. 6. 2015 11:46:36 | Computer Name = KicPC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.

Error - 12. 6. 2015 11:46:36 | Computer Name = KicPC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.


< End of report >

[Márty84]

Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[Idea]

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2015/06/14 22:15:56

-- Controller Map ----------------------------------------------------------
+ Standard AHCI 1.0 Serial ATA Controller [ATA]
+ ATA Channel 0 (0)
- ST320LM001 HN-M320MBB ATA Device
+ ATA Channel 1 (1)
- Optiarc DVD RW AD-7580S ATA Device
- ATA Channel 4 (4)
- ATA Channel 5 (5)

-- Disk List ---------------------------------------------------------------
(1) ST320LM001 HN-M320MBB : 320,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST320LM001 HN-M320MBB
----------------------------------------------------------------------------
Model : ST320LM001 HN-M320MBB
Firmware : 2BA30001
Serial Number : S2ZXJ9GF500608
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600
Power On Hours : 1951 hours
Power On Count : 676 count
Temparature : 42 C (107 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 00000000000E Read Error Rate
02 252 252 __0 000000000000 Throughput Performance
03 _94 _89 _25 000000000730 Spin-Up Time
04 100 100 __0 0000000002B4 Start/Stop Count
05 252 252 _10 000000000000 Reallocated Sectors Count
07 252 252 _51 000000000000 Seek Error Rate
08 252 252 _15 000000000000 Seek Time Performance
09 100 100 __0 00000000079F Power-On Hours
0A 252 252 _51 000000000000 Spin Retry Count
0B 100 100 __0 00000000000A Recalibration Retries
0C 100 100 __0 0000000002A4 Power Cycle Count
BF 100 100 __0 0000000018E0 G-Sense Error Rate
C0 252 252 __0 000000000000 Power-off Retract Count
C2 _58 _49 __0 00330008002A Temperature
C3 100 100 __0 000000000000 Hardware ECC recovered
C4 252 252 __0 000000000000 Reallocation Event Count
C5 252 252 __0 000000000000 Current Pending Sector Count
C6 252 252 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 100 __0 000000000CC0 Write Error Rate
DF 100 100 __0 00000000000A Load/Unload Retry Count
E1 _99 _99 __0 000000004720 Load/Unload Cycle Count

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 5332 5A58 4A39 4746 3530 3038 3038 2020 2020 2020
020: 0000 8000 0004 3242 4133 3031 3031 5354 3332 304C
030: 4D30 3031 2048 4E2D 4D33 4D42 4D42 4220 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1D0E 1D0E 0004 004C 0040
080: 01FF 0028 746B 7F69 6123 BC41 BC41 6123 207F 0022
090: 0022 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 6003 6003 0000 5000 4CF2
110: 0D21 BE3F 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003F 003F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 DDA5

[Idea]

# AdwCleaner v4.206 - Logfile created 14/06/2015 at 22:18:57
# Updated 01/06/2015 by Xplode
# Database : 2015-06-14.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Kic - KICPC
# Running from : C:\Users\Kic\Desktop\adwcleaner_4.206.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater18.4.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
File Deleted : C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Avg Secure Update
Key Deleted : HKLM\SOFTWARE\Solvusoft
Key Deleted : HKLM\SOFTWARE\Avg Secure Update
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v

[C:\Users\Kic\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","unlimitedStorage","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["\u003Call_urls>"]},"commands":{"_execute_page_action":{"suggested_key":"Alt+Shift+P","was_assigned":true}},"content_settings":[],"creation_flags":9,"disable_reasons":33,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["browsingData","cookies","downloads","downloadsInternal","history","homepage","management","nativeMessaging","searchProvider","startupPages","tabs","unlimitedStorage","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["\u003Call_urls>"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13072974682612627","lastpingday":"13078738801700703","location":1,"manifest":{"background":{"page":"background.html","persistent":true},"chrome_settings_overrides":{"homepage":"hxxps://mysearch.avg.com/?rvt=1","search_provider":{"encoding":"UTF-8","favicon_url":"hxxps://mysearch.avg.com/favicon.ico","is_default":true,"keyword":"hxxps://mysearch.avg.com","name":"AVG Secure Search

*************************

AdwCleaner[R0].txt - [5294 bytes] - [14/06/2015 22:17:26]
AdwCleaner[S0].txt - [5230 bytes] - [14/06/2015 22:18:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5289 bytes] ##########

[Idea]

Win. Nelegálny kreknutý..

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Idea]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15. 6. 2015
Čas skenování: 19:25:55
Protokol: log.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.15.04
Databáze rootkitů: v2015.06.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Kic

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 490333
Uplynulý čas: 1 hod, 28 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

MBAM muzete odinstalovat.


Bohuzel dalsi cisteni neni mozne, pravidla fora mi nedovoluji pokracovat.
Hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

Pouzijte DelFix, Ccleaner a Defragler http://forum.viry.cz/viewtopic.php?f=13 ... 0#p1400813 , treba se to trosku zlepsi.


Mejte se a treba zase nekdy, snad s lepsim vysledkem