Re: Log check - Unable to render file

Posted: 07 Jan 2014 00:03
by blackli
RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Asus [Práva Správcu]
Režim : Odebrať -- Dátum : 01/07/2014 00:03:03
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 7 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRADENÉ (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRADENÉ (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRADENÉ (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRADENÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRADENÉ (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) M4-CT256M4SSD2 +++++
--- User ---
[MBR] 74b41c1b7f36631ea591a050d84a75eb
[BSP] cad6e75d6f2554f84f461952d9e1e18b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 244097 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SAMSUNG HD154UI +++++
--- User ---
[MBR] e126389caec5c03d64633cbab99adbfc
[BSP] b3e3f2f4e53b533f9b00a73b6633d58d : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 1430789 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) SAMSUNG HD501LJ +++++
--- User ---
[MBR] 9d36f2651dfcdfc4bab7dce85d97e425
[BSP] a6e5da1a6c63f3abaf1bbf009f6d5c94 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 476929 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ IDE) WDC WD30EZRX-00MMMB0 +++++
--- User ---
[MBR] b0bf5c3972637386f85009c14f71a905
[BSP] bcff0f8bdf0aefe0ee6e455b49c58beb : Legit.C MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097150 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ IDE) Kingston SSDNow 64GB +++++
--- User ---
[MBR] 7ef5537936714d17d9bc6de60c1c492d
[BSP] 06c387b5e3151c0ae282fccf68b5cdbb : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 61055 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_01072014_000303.txt >>
RKreport[0]_S_01062014_214118.txt;RKreport[0]_S_01072014_000245.txt

Re: Log check - Unable to render file

Posted: 07 Jan 2014 00:05
by blackli
RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Asus [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 01/07/2014 00:04:31
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončené : << RKreport[0]_H_01072014_000431.txt >>
RKreport[0]_D_01072014_000303.txt;RKreport[0]_S_01062014_214118.txt;RKreport[0]_S_01072014_000245.txt

Re: Log check - Unable to render file

Posted: 07 Jan 2014 08:12
by Márty84
If you have not done so already, back up your important data (photos, documents, etc.) to be safe.

Do not use ComboFix without prior agreement! Doing so violates the forum rules and you will lose your entitlement to help!

Download ComboFix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to your desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not start anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration.
If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine.

Re: Log check - Unable to render file

Posted: 07 Jan 2014 16:04
by blackli
ComboFix 14-01-04.03 - Asus . 01. 2014 15:56:55.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.8191.6544 [GMT 1:00]
Running from: c:\users\Asus\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-12-07 to 2014-01-07 )))))))))))))))))))))))))))))))
.
.
2014-01-06 09:38 . 2014-01-06 16:49 -------- d-----w- C:\AdwCleaner
2014-01-05 11:44 . 2014-01-05 11:44 -------- d-----w- c:\program files (x86)\HD Tune
2014-01-05 09:56 . 2014-01-05 09:57 -------- d-----w- C:\CrystalDisk
2014-01-04 12:00 . 2014-01-04 12:00 -------- d-----w- c:\program files\trend micro
2014-01-04 11:59 . 2014-01-04 12:00 -------- d-----w- C:\rsit
2013-12-18 20:18 . 2013-12-18 20:18 -------- d-----w- c:\programdata\InstallMate
2013-12-17 19:49 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-17 19:49 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-14 17:27 . 2013-12-18 13:07 -------- d-----w- c:\users\Asus\AppData\Roaming\.minecraft
2013-12-11 11:24 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-06 22:14 . 2013-03-13 02:30 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-06 21:19 . 2013-03-13 02:30 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-01 17:41 . 2013-03-13 02:30 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-12-12 04:31 . 2013-05-15 00:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 04:31 . 2013-05-15 00:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 11:25 . 2013-03-05 17:14 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 02:13 . 2013-11-05 13:30 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-05 13:30 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-10-09 12:00 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-11-14 11:56 . 2013-11-22 20:24 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:56 . 2013-10-09 11:59 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-11-14 11:56 . 2013-10-09 11:59 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-11-14 11:56 . 2013-11-22 20:24 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:56 . 2013-11-22 20:24 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-11-14 11:56 . 2013-10-01 12:53 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:56 . 2013-11-22 20:24 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-11-14 11:56 . 2013-11-22 20:24 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-14 11:56 . 2013-10-01 12:53 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2013-11-14 11:56 . 2013-11-22 20:24 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-11-14 11:56 . 2013-11-22 20:24 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-11-14 11:56 . 2013-11-22 20:24 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-11-14 11:56 . 2013-11-22 20:24 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-11-14 11:56 . 2013-11-22 20:24 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2013-11-14 11:56 . 2013-11-22 20:24 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2013-11-14 11:56 . 2013-11-22 20:24 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-11-14 11:56 . 2013-11-22 20:24 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-11-14 11:56 . 2013-11-22 20:24 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-11-14 11:56 . 2013-11-22 20:24 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:56 . 2013-11-22 20:24 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-11-14 11:56 . 2013-11-22 20:24 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:56 . 2013-11-22 20:24 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:56 . 2013-10-01 12:53 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:56 . 2013-11-22 20:24 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-14 11:56 . 2013-11-22 20:24 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-11-14 11:56 . 2013-11-22 20:24 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-11-14 11:56 . 2013-11-22 20:24 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-14 11:56 . 2013-11-22 20:24 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-11-14 11:56 . 2013-11-22 20:24 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-14 11:56 . 2013-11-22 20:24 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-14 11:56 . 2013-11-22 20:24 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-11-14 11:56 . 2013-10-01 12:53 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-14 11:56 . 2013-10-01 12:53 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-11 15:02 . 2013-10-09 11:59 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2013-10-09 11:59 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2013-10-09 11:59 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2013-10-09 11:59 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2013-10-09 11:59 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-11-11 15:01 . 2013-10-09 11:59 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2013-10-09 11:59 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-11 07:59 . 2013-11-11 07:59 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-11-07 14:12 . 2013-03-13 11:56 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-23 10:30 . 2013-11-05 13:40 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-10-23 10:30 . 2013-11-05 13:40 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-10-20 00:36 . 2013-10-20 00:36 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-16 00:48 . 2013-10-28 10:30 1884448 ----a-w- c:\windows\system32\nvdispco6433158.dll
2013-10-16 00:48 . 2013-10-28 10:30 1511712 ----a-w- c:\windows\system32\nvdispgenco6433158.dll
2013-10-12 02:30 . 2013-11-13 09:20 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 09:20 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 09:20 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 09:20 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 09:20 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-11 12:59 . 2013-10-03 18:45 3894632 ----a-w- c:\windows\SysWow64\pbsvc.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Nostromo Driver"="c:\program files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe" [2011-07-19 978840]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-16 2536752]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-12-17 5566176]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys;c:\windows\SYSNATIVE\drivers\ArcSec.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files\AIDA64\kerneld.x64;c:\program files\AIDA64\kerneld.x64 [x]
S3 cmudaxp;ASUS Xonar DS Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rzjoystk;Razer VJoystick;c:\windows\system32\DRIVERS\rzjoystk.sys;c:\windows\SYSNATIVE\DRIVERS\rzjoystk.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AIDA64DRIVER
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 01:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec4bd8c6f2fb4.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 22:44]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cef156835fb469.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 22:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"Služba Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-17 391144]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files\AIDA64\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files\ASUS Xonar DS Audio\Customapp\ASUSAUDIOCENTER.EXE
c:\program files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
c:\program files\AIDA64\aida64.exe
c:\program files\Logitech Gaming Software\Applets\LCDMedia.exe
.
**************************************************************************
.
Completion time: 2014-01-07 16:01:43 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-07 15:01
.
Pre-Run: 213 017 309 184 bytes free
Post-Run: 212 671 995 904 bytes free
.
- - End Of File - - A5B1B6C57F9C16669F430B2A1285055E
A36C5E4F47E84449FF07ED3517B43A31

Re: Log check - Unable to render file

Posted: 07 Jan 2014 16:34
by Márty84
Open Notepad and copy this script into it:

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document over the ComboFix icon and drop it.
ComboFix should start and execute the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration.
If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine.

Re: Log check - Unable to render file

Posted: 07 Jan 2014 16:57
by blackli
ComboFix 14-01-04.03 - Asus . 01. 2014 16:52:40.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.8191.6856 [GMT 1:00]
Running from: c:\users\Asus\Desktop\ComboFix.exe
Command switches used :: c:\users\Asus\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-12-07 to 2014-01-07 )))))))))))))))))))))))))))))))
.
.
2014-01-07 15:55 . 2014-01-07 15:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-07 15:55 . 2014-01-07 15:55 -------- d-----w- c:\users\Asus\AppData\Local\temp
2014-01-06 09:38 . 2014-01-06 16:49 -------- d-----w- C:\AdwCleaner
2014-01-05 11:44 . 2014-01-05 11:44 -------- d-----w- c:\program files (x86)\HD Tune
2014-01-05 09:56 . 2014-01-05 09:57 -------- d-----w- C:\CrystalDisk
2014-01-04 12:00 . 2014-01-04 12:00 -------- d-----w- c:\program files\trend micro
2014-01-04 11:59 . 2014-01-04 12:00 -------- d-----w- C:\rsit
2013-12-18 20:18 . 2013-12-18 20:18 -------- d-----w- c:\programdata\InstallMate
2013-12-17 19:49 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-17 19:49 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-14 17:27 . 2013-12-18 13:07 -------- d-----w- c:\users\Asus\AppData\Roaming\.minecraft
2013-12-11 11:24 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-07 15:28 . 2013-03-13 02:30 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-06 22:14 . 2013-03-13 02:30 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-01 17:41 . 2013-03-13 02:30 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-12-12 04:31 . 2013-05-15 00:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 04:31 . 2013-05-15 00:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 11:25 . 2013-03-05 17:14 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 02:13 . 2013-11-05 13:30 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-05 13:30 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-10-09 12:00 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-11-14 11:56 . 2013-11-22 20:24 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:56 . 2013-10-09 11:59 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-11-14 11:56 . 2013-10-09 11:59 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-11-14 11:56 . 2013-11-22 20:24 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:56 . 2013-11-22 20:24 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-11-14 11:56 . 2013-10-01 12:53 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:56 . 2013-11-22 20:24 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-11-14 11:56 . 2013-11-22 20:24 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-14 11:56 . 2013-10-01 12:53 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2013-11-14 11:56 . 2013-11-22 20:24 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-11-14 11:56 . 2013-11-22 20:24 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-11-14 11:56 . 2013-11-22 20:24 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-11-14 11:56 . 2013-11-22 20:24 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-11-14 11:56 . 2013-11-22 20:24 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2013-11-14 11:56 . 2013-11-22 20:24 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2013-11-14 11:56 . 2013-11-22 20:24 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-11-14 11:56 . 2013-11-22 20:24 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-11-14 11:56 . 2013-11-22 20:24 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-11-14 11:56 . 2013-11-22 20:24 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:56 . 2013-11-22 20:24 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-11-14 11:56 . 2013-11-22 20:24 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:56 . 2013-11-22 20:24 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:56 . 2013-10-01 12:53 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:56 . 2013-11-22 20:24 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-14 11:56 . 2013-11-22 20:24 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-11-14 11:56 . 2013-11-22 20:24 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-11-14 11:56 . 2013-11-22 20:24 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-14 11:56 . 2013-11-22 20:24 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-11-14 11:56 . 2013-11-22 20:24 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-14 11:56 . 2013-11-22 20:24 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-14 11:56 . 2013-11-22 20:24 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-11-14 11:56 . 2013-10-01 12:53 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-14 11:56 . 2013-10-01 12:53 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-11 15:02 . 2013-10-09 11:59 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2013-10-09 11:59 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2013-10-09 11:59 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2013-10-09 11:59 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2013-10-09 11:59 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-11-11 15:01 . 2013-10-09 11:59 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2013-10-09 11:59 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-11 07:59 . 2013-11-11 07:59 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-11-07 14:12 . 2013-03-13 11:56 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-23 10:30 . 2013-11-05 13:40 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-10-23 10:30 . 2013-11-05 13:40 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-10-20 00:36 . 2013-10-20 00:36 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-16 00:48 . 2013-10-28 10:30 1884448 ----a-w- c:\windows\system32\nvdispco6433158.dll
2013-10-16 00:48 . 2013-10-28 10:30 1511712 ----a-w- c:\windows\system32\nvdispgenco6433158.dll
2013-10-12 02:30 . 2013-11-13 09:20 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 09:20 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 09:20 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 09:20 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 09:20 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-11 12:59 . 2013-10-03 18:45 3894632 ----a-w- c:\windows\SysWow64\pbsvc.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Nostromo Driver"="c:\program files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe" [2011-07-19 978840]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-11-16 2536752]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-12-17 5566176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe;c:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys;c:\windows\SYSNATIVE\drivers\ArcSec.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files\AIDA64\kerneld.x64;c:\program files\AIDA64\kerneld.x64 [x]
S3 cmudaxp;ASUS Xonar DS Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rzjoystk;Razer VJoystick;c:\windows\system32\DRIVERS\rzjoystk.sys;c:\windows\SYSNATIVE\DRIVERS\rzjoystk.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AIDA64DRIVER
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 01:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec4bd8c6f2fb4.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 22:44]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cef156835fb469.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 22:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"Služba Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-12-17 391144]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files\AIDA64\kerneld.x64"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files\ASUS Xonar DS Audio\Customapp\ASUSAUDIOCENTER.EXE
c:\program files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
c:\program files\AIDA64\aida64.exe
.
**************************************************************************
.
Completion time: 2014-01-07 16:57:20 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-07 15:57
ComboFix2.txt 2014-01-07 15:01
.
Pre-Run: 212 796 784 640 bytes free
Post-Run: 212 634 902 528 bytes free
.
- - End Of File - - A7264B68419D096DF2EBBD17D803D4E6
A36C5E4F47E84449FF07ED3517B43A31

Re: Log check - Unable to render file

Posted: 07 Jan 2014 17:27
by Márty84
Post a new log from RSIT.

Re: Log check - Unable to render file

Posted: 07 Jan 2014 17:32
by blackli
Logfile of random's system information tool 1.09 (written by random/random)
Run by Asus at 2014-01-07 17:31:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 203 GB (83%) free of 244 GB
Total RAM: 8191 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:31:30, on 7. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ASUS Xonar DS Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\AIDA64\aida64.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Asus.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PXCIEaddin5 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
O4 - HKLM\..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Solver for Flow Simulation 2012 - Mentor Graphics Corporation - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7681 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Sandboxie\SbieSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1714687334409182385770131083494608041658201067676296689392587984-1523330680
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6851d026-6203-48dc-8689-0b971ae3f822 -SystemEventPortName:HostProcess-7144b3b6-d519-4e3f-9fe7-04c82ad1949a -IoCancelEventPortName:HostProcess-dd5719a7-0475-4a70-bef0-c8ef49ea924c -NonStateChangingEventPortName:HostProcess-c8b6376a-807c-43db-b70c-6cd75e9f6903 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e5a529a7-2360-46fb-ab4b-8adb2582d3ab -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\ASUS Xonar DS Audio\Customapp\ASUSAUDIOCENTER.EXE"
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
taskeng.exe {30F3D80A-3959-4496-BC9F-56F007F7925A}
"C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\AIDA64\aida64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\explorer.exe
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Asus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec4bd8c6f2fb4.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef156835fb469.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A}]
PDFXChange 2012 - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2013-01-19 423488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-20 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - PDFXChange 2012 - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2013-01-19 423488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2012-11-29 7406392]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe [2012-12-16 765200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Nástroj pro stahování na pozadí.lnk]
C:\PROGRA~2\COMMON~1\MANAER~1\BACKGR~1\SLDBGD~1.EXE [2012-10-06 1855080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk]
C:\PROGRA~2\ArcSoft\TOTALM~1\TOTALM~1\TMSERV~1.EXE [2010-12-20 519744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RoccatKone+"=C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2011-07-12 552960]
"Razer Nostromo Driver"=C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe [2011-07-19 978840]
"SAOB Monitor"=C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2010-11-16 2536752]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-12-17 5566176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-01-07 16:57:22 ----D---- C:\Windows\temp
2014-01-07 16:57:20 ----A---- C:\ComboFix.txt
2014-01-07 16:56:08 ----D---- C:\$RECYCLE.BIN
2014-01-07 15:56:03 ----A---- C:\Windows\zip.exe
2014-01-07 15:56:03 ----A---- C:\Windows\SWSC.exe
2014-01-07 15:56:03 ----A---- C:\Windows\SWREG.exe
2014-01-07 15:56:03 ----A---- C:\Windows\sed.exe
2014-01-07 15:56:03 ----A---- C:\Windows\PEV.exe
2014-01-07 15:56:03 ----A---- C:\Windows\NIRCMD.exe
2014-01-07 15:56:03 ----A---- C:\Windows\MBR.exe
2014-01-07 15:56:03 ----A---- C:\Windows\grep.exe
2014-01-07 15:56:00 ----D---- C:\Qoobox
2014-01-07 15:55:54 ----D---- C:\Windows\erdnt
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\yk62x64.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\WUDFRd.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\WUDFPf.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\wmilib.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\wmiacpi.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\winhv.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\wimmount.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\wfplwf.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\WdfLdr.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\Wdf01000.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\wd.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\watchdog.sys.bak
2014-01-06 21:40:48 ----A---- C:\Windows\system32\drivers\wanarp.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\wacompen.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vwifimp.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vwififlt.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vwifibus.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vsmraid.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\volsnap.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\volmgrx.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\volmgr.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vmstorfl.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vms3cap.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\VMBusHID.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vmbus.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\videoprt.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\viaide.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vhdmp.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vgapnp.sys.bak
2014-01-06 21:40:47 ----A---- C:\Windows\system32\drivers\vga.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\vdrvroot.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbuhci.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbrpm.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbprint.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbport.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbohci.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbhub.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbehci.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbd.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbcir.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usbccgp.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\usb8023.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\umpass.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\umbus.sys.bak
2014-01-06 21:40:46 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\udfs.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\UAGP35.SYS.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tunnel.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tssecsrv.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\timntr.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\termdd.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tdx.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tdtcp.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tdrpm273.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tdpipe.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tdi.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tcpipreg.sys.bak
2014-01-06 21:40:45 ----A---- C:\Windows\system32\drivers\tcpip.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\tape.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\swenum.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\stream.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\storvsc.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\storport.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\stexstor.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\srvnet.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\srv2.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\srv.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\spsys.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\spldr.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\snapman.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\smclib.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\smb.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\sisraid4.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\sisraid2.sys.bak
2014-01-06 21:40:44 ----A---- C:\Windows\system32\drivers\sfloppy.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\sffp_sd.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\sffp_mmc.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\sffdisk.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\sermouse.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\serial.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\serenum.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\secdrv.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\scsiport.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\scfilter.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\sbp2port.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\RzSynapse.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\rzjoystk.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\rzhidmap.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\rspndr.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\rootmdm.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\RNDISMP.sys.bak
2014-01-06 21:40:43 ----A---- C:\Windows\system32\drivers\rmcast.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rdyboost.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rdpwd.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\RDPREFMP.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rdpdr.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\RDPCDD.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rdpbus.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rdbss.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rassstp.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\raspptp.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\raspppoe.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rasl2tp.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\rasacd.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\qwavedrv.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\ql40xx.sys.bak
2014-01-06 21:40:42 ----A---- C:\Windows\system32\drivers\ql2300.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\processr.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\portcls.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\PEAuth.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\pcw.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\pcmcia.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\pciidex.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\pciide.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\pci.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\partmgr.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\parport.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\pacer.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\ohci1394.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\nwifi.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\nvvad64v.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\nvstor.sys.bak
2014-01-06 21:40:41 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS.bak
2014-01-06 21:40:40 ----A---- C:\Windows\system32\drivers\nvraid.sys.bak
2014-01-06 21:40:40 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys.bak
2014-01-06 21:40:40 ----A---- C:\Windows\system32\drivers\nvhda64v.sys.bak
2014-01-06 21:40:40 ----A---- C:\Windows\system32\drivers\null.sys.bak
2014-01-06 21:40:40 ----A---- C:\Windows\system32\drivers\ntfs.sys.bak
2014-01-06 21:40:40 ----A---- C:\Windows\system32\drivers\nsiproxy.sys.bak
2014-01-06 21:40:40 ----A---- C:\Windows\system32\drivers\npfs.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\nfrd960.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\netio.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\netbt.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\netbios.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\ndproxy.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\ndiswan.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\ndisuio.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\ndistapi.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\ndiscap.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\ndis.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\mup.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\MTConfig.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\mstee.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\mssmbios.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\msrpc.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\mspqm.sys.bak
2014-01-06 21:40:39 ----A---- C:\Windows\system32\drivers\mspclock.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mskssrv.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\msiscsi.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\msisadrv.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mshidkmdf.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\msfs.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\msdsm.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\msahci.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mrxsmb.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mpsdrv.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mpio.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mountmgr.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mouhid.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\mouclass.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\monitor.sys.bak
2014-01-06 21:40:38 ----A---- C:\Windows\system32\drivers\modem.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\mod7700.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\MegaSR.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\megasas.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\mcd.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\luafv.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\lsi_scsi.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\lsi_sas2.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\lsi_sas.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\lsi_fc.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\lltdio.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\LGVirHid.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\LGBusEnum.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\ksthunk.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\ks.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\kbdhid.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\kbdclass.sys.bak
2014-01-06 21:40:37 ----A---- C:\Windows\system32\drivers\isapnp.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\irenum.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\irda.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\ipnat.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\intelppm.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\intelide.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\iirsp.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\iaStorV.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\iaStor.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\i8042prt.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\hwpolicy.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\http.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\HpSAMD.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\hidusb.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\hidparse.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\hidir.sys.bak
2014-01-06 21:40:36 ----A---- C:\Windows\system32\drivers\hidclass.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\hidbth.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\hidbatt.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\HdAudio.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\hdaudbus.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\hcw85cir.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\fvevol.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\fsdepends.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\fs_rec.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\fltMgr.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\flpydisk.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\filetrace.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\fileinfo.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\fdc.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\fastfat.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\exfat.sys.bak
2014-01-06 21:40:35 ----A---- C:\Windows\system32\drivers\ew_usbenumfilter.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ewusbnet.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ewdcsc.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ew_juwwanecm.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ew_juextctrl.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ew_jucdcecm.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ew_jucdcacm.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ew_jubusenum.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ew_hwusbdev.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\ew_hwupgrade.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\evbda.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\errdev.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\epfwwfp.sys.bak
2014-01-06 21:40:34 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\epfw.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\elxstor.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\ehdrv.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\edevmon.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\eamonm.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\dxgmms1.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\dxg.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\dxapi.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\dumpfve.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\Dumpata.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\drmkaud.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\drmk.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\dmvsc.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\Diskdump.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\disk.sys.bak
2014-01-06 21:40:33 ----A---- C:\Windows\system32\drivers\discache.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\dfsc.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\csc.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\crcdisk.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\crashdmp.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\CompositeBus.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\compbatt.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\cng.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\cmudaxp.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\cmdide.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\CmBatt.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\Classpnp.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\circlass.sys.bak
2014-01-06 21:40:32 ----A---- C:\Windows\system32\drivers\cdrom.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\cdfs.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\bxvbda.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\bthmodem.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\BrUsbSer.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\BrSerWdm.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\BrSerId.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\bridge.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\BrFiltUp.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\BrFiltLo.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\bowser.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\blbdrive.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\beep.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\battc.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\b57nd60a.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\ataport.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\atapi.sys.bak
2014-01-06 21:40:31 ----A---- C:\Windows\system32\drivers\asyncmac.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\ASACPI.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\ArcSec.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\arcsas.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\arc.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\appid.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\amdxata.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\amdsbs.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\amdsata.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\amdppm.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\amdk8.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\amdide.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\aliide.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\AGP440.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\agilevpn.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\afd.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\afcdp.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\adpu320.sys.bak
2014-01-06 21:40:30 ----A---- C:\Windows\system32\drivers\adpahci.sys.bak
2014-01-06 21:40:29 ----A---- C:\Windows\system32\drivers\adp94xx.sys.bak
2014-01-06 21:40:29 ----A---- C:\Windows\system32\drivers\acpipmi.sys.bak
2014-01-06 21:40:29 ----A---- C:\Windows\system32\drivers\acpi.sys.bak
2014-01-06 21:40:29 ----A---- C:\Windows\system32\drivers\1394ohci.sys.bak
2014-01-06 21:40:29 ----A---- C:\Windows\system32\drivers\1394bus.sys.bak
2014-01-06 10:38:43 ----D---- C:\AdwCleaner
2014-01-05 12:44:10 ----D---- C:\Program Files (x86)\HD Tune
2014-01-05 10:56:19 ----D---- C:\CrystalDisk
2014-01-04 13:00:00 ----D---- C:\Program Files\trend micro
2014-01-04 12:59:59 ----D---- C:\rsit
2013-12-18 21:18:59 ----D---- C:\ProgramData\InstallMate
2013-12-17 20:49:45 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2013-12-17 20:49:45 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2013-12-14 18:27:18 ----D---- C:\Users\Asus\AppData\Roaming\.minecraft
2013-12-11 12:26:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-11 12:26:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-11 12:26:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-11 12:26:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-11 12:26:20 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-11 12:26:20 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-11 12:26:20 ----A---- C:\Windows\system32\ieui.dll
2013-12-11 12:26:19 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-11 12:26:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-11 12:26:19 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-11 12:26:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-11 12:26:19 ----A---- C:\Windows\system32\wininet.dll
2013-12-11 12:26:19 ----A---- C:\Windows\system32\urlmon.dll
2013-12-11 12:26:19 ----A---- C:\Windows\system32\url.dll
2013-12-11 12:26:19 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-11 12:26:19 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-11 12:26:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-11 12:26:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-11 12:26:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-11 12:26:18 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-11 12:26:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-11 12:26:18 ----A---- C:\Windows\system32\vbscript.dll
2013-12-11 12:26:18 ----A---- C:\Windows\system32\jscript9.dll
2013-12-11 12:26:18 ----A---- C:\Windows\system32\jscript.dll
2013-12-11 12:26:18 ----A---- C:\Windows\system32\iertutil.dll
2013-12-11 12:26:17 ----A---- C:\Windows\system32\mshtml.dll
2013-12-11 12:26:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-11 12:26:16 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 12:24:54 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-11 12:24:54 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 12:24:52 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-11 12:24:52 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-11 12:24:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-11 12:24:52 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-11 12:24:52 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 12:24:52 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 12:24:52 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 12:24:52 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 12:24:52 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 12:24:52 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-11 12:24:52 ----A---- C:\Windows\system32\cscript.exe

======List of files/folders modified in the last 1 month======

2014-01-07 17:01:49 ----D---- C:\Users\Asus\AppData\Roaming\Media Player Classic
2014-01-07 17:00:10 ----D---- C:\Windows\System32
2014-01-07 17:00:10 ----D---- C:\Windows\inf
2014-01-07 17:00:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-07 16:57:22 ----D---- C:\Windows\system32\drivers
2014-01-07 16:57:22 ----D---- C:\Windows
2014-01-07 16:56:31 ----D---- C:\Windows\system32\config
2014-01-07 16:56:11 ----A---- C:\Windows\system.ini
2014-01-07 16:56:07 ----D---- C:\Windows\system32\drivers\etc
2014-01-07 16:55:54 ----D---- C:\ProgramData\NVIDIA
2014-01-07 16:53:48 ----D---- C:\Windows\SYSWOW64\drivers
2014-01-07 16:53:48 ----D---- C:\Windows\SysWOW64
2014-01-07 16:53:48 ----D---- C:\Windows\AppPatch
2014-01-07 16:53:47 ----D---- C:\Program Files (x86)\Common Files
2014-01-07 16:28:35 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-01-07 16:21:42 ----D---- C:\Program Files (x86)\Origin
2014-01-07 00:34:56 ----D---- C:\Windows\SoftwareDistribution
2014-01-06 23:56:28 ----D---- C:\Users\Asus\AppData\Roaming\TS3Client
2014-01-06 21:37:37 ----D---- C:\Windows\system32\catroot2
2014-01-06 18:26:20 ----D---- C:\Users\Asus\AppData\Roaming\vlc
2014-01-06 18:24:48 ----D---- C:\Users\Asus\AppData\Roaming\dvdcss
2014-01-05 16:12:20 ----RD---- C:\Program Files (x86)
2014-01-04 13:00:00 ----RD---- C:\Program Files
2014-01-04 03:23:46 ----D---- C:\Program Files\MediaInfo
2014-01-02 13:57:25 ----SHD---- C:\Windows\Installer
2014-01-02 13:57:25 ----D---- C:\Program Files (x86)\Media Preview
2014-01-02 04:15:08 ----A---- C:\Windows\NeroDigital.ini
2014-01-02 04:14:13 ----D---- C:\Windows\system32\Tasks
2014-01-01 18:41:07 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-01-01 01:10:13 ----D---- C:\Program Files (x86)\XnView
2013-12-31 22:59:05 ----A---- C:\Users\Asus\AppData\Roaming\ISOWorkshop.ini
2013-12-26 15:35:15 ----A---- C:\Windows\Sandboxie.ini
2013-12-18 21:18:59 ----D---- C:\ProgramData
2013-12-18 02:38:12 ----D---- C:\Windows\Logs
2013-12-17 20:49:59 ----D---- C:\Windows\Microsoft.NET
2013-12-17 20:49:47 ----D---- C:\Windows\system32\DriverStore
2013-12-17 20:49:47 ----D---- C:\Windows\system32\catroot
2013-12-12 05:31:15 ----D---- C:\Windows\Tasks
2013-12-12 05:31:00 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 13:25:48 ----D---- C:\Windows\rescache
2013-12-11 12:46:37 ----D---- C:\Windows\debug
2013-12-11 12:29:19 ----D---- C:\Windows\winsxs
2013-12-11 12:28:22 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-11 12:28:22 ----D---- C:\Windows\SYSWOW64\migration
2013-12-11 12:28:22 ----D---- C:\Windows\system32\sk-SK
2013-12-11 12:28:22 ----D---- C:\Windows\system32\migration
2013-12-11 12:28:22 ----D---- C:\Program Files\Internet Explorer
2013-12-11 12:28:22 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-11 12:27:16 ----D---- C:\ProgramData\Microsoft Help
2013-12-11 12:26:09 ----D---- C:\Windows\system32\MRT
2013-12-11 12:25:25 ----A---- C:\Windows\system32\MRT.exe
2013-12-10 03:13:11 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2013-12-10 03:13:01 ----A---- C:\Windows\system32\nvspcap64.dll
2013-12-08 00:17:36 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-03-05 272480]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2013-03-05 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2013-03-05 970336]
R1 ArcSec;archlp; C:\Windows\system32\drivers\ArcSec.sys [2010-09-21 312184]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-04-06 13368]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-05 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-03-05 285280]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files\AIDA64\kerneld.x64 [2013-09-16 32600]
R3 cmudaxp;ASUS Xonar DS Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 86016]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-06-16 196384]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 rzjoystk;Razer VJoystick; C:\Windows\system32\DRIVERS\rzjoystk.sys [2011-03-24 19968]
R3 RzSynapse;Razer Driver; C:\Windows\system32\DRIVERS\RzSynapse.sys [2011-07-14 157184]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2010-08-24 91648]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-12-17 1112664]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-03-05 3246040]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-01-01 76888]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2012-12-16 123664]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-10-28 2156952]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 116648]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2012-10-06 89192]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-03-05 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-03-05 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-23 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2012-08-09 114824]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2013-03-05 79360]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-05 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

Re: Log check - Unable to render file

Posted: 07 Jan 2014 18:54
by Márty84
One more scan and then we'll start deleting.


Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Tick the checkboxes for Scan All Users, LOP Check and Purity Check.
Paste the following text into the bottom box:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan.
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Log check - Unable to render file

Posted: 07 Jan 2014 19:44
by blackli
OTL logfile created on: 7. 1. 2014 19:09:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

8,00 Gb Total Physical Memory | 6,35 Gb Available Physical Memory | 79,38% Memory free
16,00 Gb Paging File | 14,22 Gb Available in Paging File | 88,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,38 Gb Total Space | 198,05 Gb Free Space | 83,08% Space Free | Partition Type: NTFS
Drive D: | 59,62 Gb Total Space | 30,85 Gb Free Space | 51,74% Space Free | Partition Type: NTFS
Drive E: | 465,75 Gb Total Space | 212,97 Gb Free Space | 45,73% Space Free | Partition Type: NTFS
Drive F: | 1397,25 Gb Total Space | 75,49 Gb Free Space | 5,40% Space Free | Partition Type: NTFS
Drive G: | 1397,20 Gb Total Space | 1241,68 Gb Free Space | 88,87% Space Free | Partition Type: NTFS
Drive H: | 1397,20 Gb Total Space | 748,31 Gb Free Space | 53,56% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: Asus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/07 19:07:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe
PRC - [2014/01/01 18:41:07 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/12/10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/11/08 21:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/09/16 22:25:38 | 003,635,008 | ---- | M] (FinalWire Ltd.) -- C:\Program Files\AIDA64\aida64.exe
PRC - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2013/07/09 14:25:35 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2013/03/05 19:33:56 | 003,246,040 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2013/02/26 13:23:13 | 003,560,800 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/11/29 01:10:08 | 000,661,304 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
PRC - [2011/07/19 13:37:16 | 000,978,840 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
PRC - [2011/07/12 15:29:00 | 000,552,960 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
PRC - [2011/05/12 16:50:02 | 001,990,656 | ---- | M] (CMedia) -- C:\Program Files\ASUS Xonar DS Audio\Customapp\AsusAudioCenter.exe
PRC - [2010/12/17 10:22:46 | 000,391,144 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2010/12/17 10:21:10 | 005,566,176 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2010/11/16 04:06:22 | 002,536,752 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
PRC - [2010/10/28 19:31:58 | 002,156,952 | ---- | M] () -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/16 22:25:38 | 000,062,280 | ---- | M] () -- C:\Program Files\AIDA64\aida_lglcd3.dll
MOD - [2013/07/09 14:25:37 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2013/07/09 14:25:37 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013/07/09 14:25:37 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013/07/09 14:25:37 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013/07/09 14:25:37 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013/07/09 14:25:37 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013/07/09 14:25:37 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013/07/09 14:25:37 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013/07/09 14:25:37 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013/07/09 14:25:37 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013/07/09 14:25:37 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013/07/09 14:25:37 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011/04/19 14:56:58 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS Xonar DS Audio\Customapp\VmixP8.dll
MOD - [2010/12/17 10:20:28 | 011,181,408 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
MOD - [2010/06/22 13:50:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
MOD - [2008/07/11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/12/10 03:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/05 21:58:26 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/12/16 12:25:38 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2012/10/06 06:38:46 | 000,089,192 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV:64bit: - [2012/08/09 12:46:24 | 000,114,824 | ---- | M] (Mentor Graphics Corporation) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2012)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/07/29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2014/01/01 18:41:07 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/12/10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/03/05 21:57:04 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2013/03/05 21:57:03 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/03/05 19:33:56 | 003,246,040 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2013/02/26 13:23:13 | 003,560,800 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/12/17 10:24:42 | 001,112,664 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/10/28 19:31:58 | 002,156,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (Správce výběru OS)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/05 09:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/09/17 15:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/09/17 15:17:38 | 000,220,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/09/17 15:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/09/17 15:17:38 | 000,062,136 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/09/17 15:17:38 | 000,044,120 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/09/16 22:25:38 | 000,032,600 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\AIDA64\kerneld.x64 -- (AIDA64Driver)
DRV:64bit: - [2013/06/16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/03/05 19:38:55 | 000,272,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013/03/05 19:33:56 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2013/03/05 19:33:55 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273)
DRV:64bit: - [2013/03/05 19:33:55 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2013/03/05 16:58:33 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/12/16 12:25:34 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/14 17:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011/03/24 14:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 15:44:16 | 002,725,376 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/21 09:07:08 | 000,312,184 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ArcSec.sys -- (ArcSec)
DRV:64bit: - [2010/08/24 21:53:26 | 000,091,648 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2010/07/27 14:26:34 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010/07/27 08:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2009/11/24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/20 10:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/14 10:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-265218232-1932774586-2238277341-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-265218232-1932774586-2238277341-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-265218232-1932774586-2238277341-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/11/05 23:30:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/11/05 23:30:47 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: The West - tw-db.info Cloth Calc [sk] = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejapfkpdnjfghpldlfdkbnjneiofggif\1.0_0\
CHR - Extension: FoxyProxy Standard = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp\2.9_0\
CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: LastPass = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.22_0\
CHR - Extension: WestForts.com Import Link = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgkbndjdpgffogjbfdlnmhhelhhpkiel\2.0_0\
CHR - Extension: Better Battlelog (BBLog) = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma\3.9.0_0\
CHR - Extension: Auto HD For YouTube\u2122 = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\6.0.5_0\
CHR - Extension: Auto HD For YouTube\u2122 = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\6.0.6_0\
CHR - Extension: The-West Calc = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfibbghdnffpikjbjhmlafjbiahopgam\0.6.8.5_0\
CHR - Extension: Lightshot (screenshot tool) = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp\4.4.2_0\
CHR - Extension: Clickable Links = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgamelhnfokapndfdodnmfiningckjia\2.3_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Minecraft Origins = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooemofofigijedhcifaimglnncjmckaa\1.0.4_0\

O1 HOSTS File: ([2014/01/07 16:56:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PDFXChange 2012) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll (Tracker Software Products (Canada) Ltd.)
O4:64bit: - HKLM..\Run: [Cmaudio8788] C:\Windows\Syswow64\cmicnfgp.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-265218232-1932774586-2238277341-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-265218232-1932774586-2238277341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-265218232-1932774586-2238277341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1423763-D3A0-4C46-A47C-6ABD660DAEA8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/01/07 19:07:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe
[2014/01/07 16:57:22 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/07 16:57:22 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\temp
[2014/01/07 16:56:08 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/01/07 15:56:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/07 15:56:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/07 15:56:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/07 15:56:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/07 15:55:54 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/07 15:53:03 | 005,160,001 | R--- | C] (Swearware) -- C:\Users\Asus\Desktop\ComboFix.exe
[2014/01/06 21:40:48 | 000,393,728 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys.bak
[2014/01/06 21:40:48 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/06 21:40:48 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys.bak
[2014/01/06 21:40:48 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/06 21:40:48 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/06 21:40:47 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/06 21:40:46 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/06 21:40:46 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/06 21:40:46 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/06 21:40:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/06 21:40:46 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/06 21:40:45 | 001,263,200 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys.bak
[2014/01/06 21:40:45 | 000,970,336 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys.bak
[2014/01/06 21:40:45 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/06 21:40:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/06 21:40:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/06 21:40:44 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/06 21:40:44 | 000,272,480 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys.bak
[2014/01/06 21:40:44 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/06 21:40:44 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/06 21:40:44 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/06 21:40:44 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/06 21:40:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/06 21:40:43 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/06 21:40:43 | 000,157,184 | ---- | C] (Razer USA Ltd) -- C:\Windows\SysNative\drivers\RzSynapse.sys.bak
[2014/01/06 21:40:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/06 21:40:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/06 21:40:43 | 000,019,968 | ---- | C] (Razer USA Ltd) -- C:\Windows\SysNative\drivers\rzjoystk.sys.bak
[2014/01/06 21:40:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/06 21:40:43 | 000,007,168 | ---- | C] (Razer USA Ltd) -- C:\Windows\SysNative\drivers\rzhidmap.sys.bak
[2014/01/06 21:40:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys.bak
[2014/01/06 21:40:41 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/06 21:40:41 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/06 21:40:41 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys.bak
[2014/01/06 21:40:40 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys.bak
[2014/01/06 21:40:39 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/06 21:40:37 | 000,999,936 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys.bak
[2014/01/06 21:40:37 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/06 21:40:37 | 000,022,408 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGBusEnum.sys.bak
[2014/01/06 21:40:37 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/06 21:40:37 | 000,016,008 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGVirHid.sys.bak
[2014/01/06 21:40:36 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014/01/06 21:40:36 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/06 21:40:36 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/06 21:40:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/06 21:40:36 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/06 21:40:35 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/06 21:40:35 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/06 21:40:35 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/06 21:40:35 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys.bak
[2014/01/06 21:40:34 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/06 21:40:34 | 000,256,000 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys.bak
[2014/01/06 21:40:34 | 000,196,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys.bak
[2014/01/06 21:40:34 | 000,121,600 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys.bak
[2014/01/06 21:40:34 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys.bak
[2014/01/06 21:40:34 | 000,091,648 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys.bak
[2014/01/06 21:40:34 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys.bak
[2014/01/06 21:40:34 | 000,062,136 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfwwfp.sys.bak
[2014/01/06 21:40:34 | 000,054,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys.bak
[2014/01/06 21:40:34 | 000,044,120 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys.bak
[2014/01/06 21:40:34 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys.bak
[2014/01/06 21:40:34 | 000,030,208 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys.bak
[2014/01/06 21:40:34 | 000,022,528 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys.bak
[2014/01/06 21:40:33 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/06 21:40:33 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014/01/06 21:40:33 | 000,239,320 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys.bak
[2014/01/06 21:40:33 | 000,239,296 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\edevmon.sys.bak
[2014/01/06 21:40:33 | 000,220,232 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfw.sys.bak
[2014/01/06 21:40:33 | 000,168,256 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys.bak
[2014/01/06 21:40:33 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/06 21:40:33 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/06 21:40:33 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dmvsc.sys.bak
[2014/01/06 21:40:33 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/06 21:40:33 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/06 21:40:33 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/06 21:40:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/06 21:40:32 | 002,725,376 | ---- | C] (C-Media Inc) -- C:\Windows\SysNative\drivers\cmudaxp.sys.bak
[2014/01/06 21:40:32 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/06 21:40:32 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/06 21:40:31 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/06 21:40:31 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/06 21:40:31 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/06 21:40:31 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/06 21:40:30 | 000,285,280 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys.bak
[2014/01/06 21:40:30 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/06 21:40:30 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/06 21:40:30 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/06 21:40:29 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/06 21:39:43 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\RK_Quarantine
[2014/01/06 10:38:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/05 12:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2014/01/05 12:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2014/01/05 10:56:19 | 000,000,000 | ---D | C] -- C:\CrystalDisk
[2014/01/04 13:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/04 12:59:59 | 000,000,000 | ---D | C] -- C:\rsit
[2013/12/18 21:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/12/17 20:49:45 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013/12/17 20:49:45 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013/12/14 18:27:18 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\.minecraft
[2013/12/11 12:26:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/11 12:26:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/11 12:26:20 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/11 12:26:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/12/11 12:26:20 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/12/11 12:26:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/12/11 12:26:19 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/11 12:26:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/11 12:26:19 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/11 12:26:19 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/12/11 12:26:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/12/11 12:26:18 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/11 12:26:18 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/11 12:26:18 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/11 12:26:18 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/12/11 12:24:52 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/11 12:24:52 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/11 12:24:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/11 12:24:52 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/11 12:24:52 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/11 12:24:52 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/11 12:24:52 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/11 12:24:52 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/11 12:24:52 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll

========== Files - Modified Within 30 Days ==========

[2014/01/07 19:10:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/07 19:07:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe
[2014/01/07 18:13:20 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef156835fb469.job
[2014/01/07 18:00:23 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec4bd8c6f2fb4.job
[2014/01/07 17:54:15 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/07 17:54:15 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/07 17:51:09 | 000,896,390 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/07 17:51:09 | 000,731,342 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/07 17:51:09 | 000,155,860 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/07 17:47:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/07 16:56:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/07 16:28:35 | 000,214,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/01/07 12:37:05 | 005,160,001 | R--- | M] (Swearware) -- C:\Users\Asus\Desktop\ComboFix.exe
[2014/01/07 00:02:16 | 000,393,728 | ---- | M] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys.bak
[2014/01/07 00:02:16 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/07 00:02:15 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/07 00:02:15 | 000,052,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys.bak
[2014/01/07 00:02:15 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/07 00:02:14 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/07 00:02:13 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/07 00:02:13 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/07 00:02:13 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/07 00:02:13 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/07 00:02:13 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/07 00:02:12 | 001,263,200 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys.bak
[2014/01/07 00:02:12 | 000,970,336 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys.bak
[2014/01/07 00:02:12 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/07 00:02:12 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/07 00:02:12 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/07 00:02:11 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/07 00:02:11 | 000,272,480 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys.bak
[2014/01/07 00:02:11 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/07 00:02:11 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/07 00:02:11 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/07 00:02:11 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/07 00:02:11 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/07 00:02:10 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/07 00:02:10 | 000,157,184 | ---- | M] (Razer USA Ltd) -- C:\Windows\SysNative\drivers\RzSynapse.sys.bak
[2014/01/07 00:02:10 | 000,019,968 | ---- | M] (Razer USA Ltd) -- C:\Windows\SysNative\drivers\rzjoystk.sys.bak
[2014/01/07 00:02:09 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/07 00:02:09 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/07 00:02:09 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys.bak
[2014/01/07 00:02:09 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/07 00:02:09 | 000,007,168 | ---- | M] (Razer USA Ltd) -- C:\Windows\SysNative\drivers\rzhidmap.sys.bak
[2014/01/07 00:02:08 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/07 00:02:08 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/07 00:02:07 | 000,039,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys.bak
[2014/01/07 00:02:06 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/07 00:02:06 | 000,196,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys.bak
[2014/01/07 00:02:03 | 000,999,936 | ---- | M] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys.bak
[2014/01/07 00:02:03 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/07 00:02:03 | 000,022,408 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGBusEnum.sys.bak
[2014/01/07 00:02:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/07 00:02:03 | 000,016,008 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\LGVirHid.sys.bak
[2014/01/07 00:02:02 | 000,408,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014/01/07 00:02:02 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/07 00:02:01 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/07 00:02:01 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/07 00:02:01 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/07 00:02:01 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/07 00:02:00 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/07 00:02:00 | 000,196,608 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys.bak
[2014/01/07 00:02:00 | 000,091,648 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys.bak
[2014/01/07 00:02:00 | 000,054,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys.bak
[2014/01/07 00:02:00 | 000,030,208 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys.bak
[2014/01/07 00:02:00 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/07 00:02:00 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys.bak
[2014/01/07 00:01:59 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/07 00:01:59 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys.bak
[2014/01/07 00:01:59 | 000,220,232 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfw.sys.bak
[2014/01/07 00:01:59 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys.bak
[2014/01/07 00:01:59 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys.bak
[2014/01/07 00:01:59 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys.bak
[2014/01/07 00:01:59 | 000,062,136 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfwwfp.sys.bak
[2014/01/07 00:01:59 | 000,044,120 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys.bak
[2014/01/07 00:01:59 | 000,032,768 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys.bak
[2014/01/07 00:01:59 | 000,022,528 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys.bak
[2014/01/07 00:01:58 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/07 00:01:58 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys.bak
[2014/01/07 00:01:58 | 000,239,320 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys.bak
[2014/01/07 00:01:58 | 000,239,296 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\edevmon.sys.bak
[2014/01/07 00:01:58 | 000,168,256 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys.bak
[2014/01/07 00:01:58 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/07 00:01:58 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/07 00:01:58 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dmvsc.sys.bak
[2014/01/07 00:01:58 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/07 00:01:58 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/07 00:01:58 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/07 00:01:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/07 00:01:57 | 002,725,376 | ---- | M] (C-Media Inc) -- C:\Windows\SysNative\drivers\cmudaxp.sys.bak
[2014/01/07 00:01:57 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/07 00:01:57 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/07 00:01:56 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/07 00:01:55 | 000,312,184 | ---- | M] () -- C:\Windows\SysNative\drivers\ArcSec.sys.bak
[2014/01/07 00:01:55 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/07 00:01:55 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/07 00:01:55 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/07 00:01:55 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/07 00:01:55 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/07 00:01:55 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/07 00:01:55 | 000,015,416 | ---- | M] () -- C:\Windows\SysNative\drivers\ASACPI.sys.bak
[2014/01/07 00:01:54 | 000,285,280 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys.bak
[2014/01/07 00:01:54 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/06 23:14:21 | 000,214,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/01/06 21:37:29 | 003,810,304 | ---- | M] () -- C:\Users\Asus\Desktop\RogueKiller.exe
[2014/01/06 10:36:01 | 001,233,962 | ---- | M] () -- C:\Users\Asus\Desktop\adwcleaner.exe
[2014/01/05 12:44:10 | 000,000,926 | ---- | M] () -- C:\Users\Asus\Desktop\HD Tune.lnk
[2014/01/05 01:06:07 | 000,606,352 | ---- | M] () -- C:\Users\Asus\Documents\Screenshot_16.png
[2014/01/04 12:58:37 | 000,935,175 | ---- | M] () -- C:\Users\Asus\Desktop\RSITx64.exe
[2014/01/02 04:15:08 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2014/01/01 18:41:07 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/12/31 22:59:05 | 000,000,021 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\ISOWorkshop.ini
[2013/12/26 15:35:15 | 000,001,546 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/12/18 03:43:22 | 000,001,288 | ---- | M] () -- C:\Users\Asus\Desktop\Minecraft.lnk
[2013/12/12 05:31:00 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/12 05:31:00 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/11 12:29:08 | 000,320,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/10 03:13:11 | 000,982,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013/12/10 03:13:01 | 001,100,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll

Re: Log check - Unable to render file

Posted: 07 Jan 2014 19:45
by blackli
========== Files Created - No Company Name ==========

[2014/01/07 19:10:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/07 15:56:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/07 15:56:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/07 15:56:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/07 15:56:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/07 15:56:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/06 21:40:30 | 000,312,184 | ---- | C] () -- C:\Windows\SysNative\drivers\ArcSec.sys.bak
[2014/01/06 21:40:30 | 000,015,416 | ---- | C] () -- C:\Windows\SysNative\drivers\ASACPI.sys.bak
[2014/01/06 21:37:26 | 003,810,304 | ---- | C] () -- C:\Users\Asus\Desktop\RogueKiller.exe
[2014/01/06 10:35:58 | 001,233,962 | ---- | C] () -- C:\Users\Asus\Desktop\adwcleaner.exe
[2014/01/05 12:44:10 | 000,000,926 | ---- | C] () -- C:\Users\Asus\Desktop\HD Tune.lnk
[2014/01/05 01:06:07 | 000,606,352 | ---- | C] () -- C:\Users\Asus\Documents\Screenshot_16.png
[2014/01/04 12:58:36 | 000,935,175 | ---- | C] () -- C:\Users\Asus\Desktop\RSITx64.exe
[2013/12/18 03:43:05 | 000,001,288 | ---- | C] () -- C:\Users\Asus\Desktop\Minecraft.lnk
[2013/10/03 19:45:48 | 003,894,632 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013/03/17 20:56:38 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2013/03/13 03:30:05 | 000,214,392 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/03/13 03:30:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/03/13 02:43:35 | 000,001,546 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013/03/05 22:03:56 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2013/03/05 17:11:49 | 000,000,021 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\ISOWorkshop.ini
[2013/03/05 16:54:56 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2013/03/05 16:54:56 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/03/05 16:45:05 | 000,871,608 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/05 15:59:42 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2013/03/05 15:59:42 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2013/03/05 15:59:41 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2013/03/05 15:59:41 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2013/03/05 15:59:39 | 000,000,946 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2013/03/05 15:59:36 | 000,004,969 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2013/03/05 15:59:35 | 000,000,516 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2013/03/05 15:47:21 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/18 14:07:40 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\.minecraft
[2013/03/06 13:02:51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Acronis
[2013/03/05 15:59:49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\ASUS
[2013/07/27 22:31:45 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite
[2013/03/05 22:03:15 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DassaultSystemes
[2013/05/05 10:38:58 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\EDrawings
[2013/03/05 16:35:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\ESET
[2013/03/05 16:24:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\HEXelon
[2013/03/05 16:06:51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech
[2013/06/03 12:25:32 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mkvtoolnix
[2013/03/05 17:39:50 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Opera
[2013/07/30 22:53:31 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Origin
[2014/01/06 23:56:28 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TS3Client
[2013/03/05 17:47:00 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\XnView

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,508 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/10/09 08:02:42 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec4bd8c6f2fb4.job
[2013/12/05 02:08:31 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef156835fb469.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010/11/21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012/06/04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013/05/10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012/06/02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010/11/21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\drivers\iaStor.sys
[2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\erdnt\cache64\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012/08/24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013/09/25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013/03/19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013/08/02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/07/08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/05/08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/05/08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013/01/03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013/01/04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/12/18 14:07:40 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\.minecraft
[2013/03/06 13:02:51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Acronis
[2013/05/15 01:27:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Adobe
[2013/03/06 00:03:46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\ArcSoft
[2013/03/05 15:59:49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\ASUS
[2013/07/27 22:31:45 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite
[2013/03/05 22:03:15 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DassaultSystemes
[2014/01/06 18:24:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\dvdcss
[2013/05/05 10:38:58 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\EDrawings
[2013/03/05 16:35:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\ESET
[2013/03/05 22:03:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\help_images_otherUI
[2013/03/05 16:24:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\HEXelon
[2013/03/05 15:36:25 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Identities
[2013/03/05 15:51:31 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\InstallShield
[2013/03/05 16:06:51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech
[2013/03/05 16:06:02 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Logishrd
[2013/03/05 16:06:02 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Logitech
[2013/05/15 01:27:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Macromedia
[2013/06/23 09:20:01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Malwarebytes
[2010/11/21 16:10:46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Media Center Programs
[2014/01/07 17:45:51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Media Player Classic
[2013/10/04 15:59:51 | 000,000,000 | --SD | M] -- C:\Users\Asus\AppData\Roaming\Microsoft
[2013/06/03 12:25:32 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mkvtoolnix
[2013/06/01 10:04:17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Mozilla
[2013/03/05 17:10:01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Nero
[2013/11/17 19:09:38 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\NVIDIA
[2013/03/05 17:39:50 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Opera
[2013/07/30 22:53:31 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Origin
[2013/05/23 13:27:49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SolidWorks
[2014/01/06 23:56:28 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TS3Client
[2014/01/06 18:26:20 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\vlc
[2013/03/05 16:17:49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\WinRAR
[2013/03/05 17:47:00 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2013/03/05 16:50:12 | 000,284,147 | R--- | M] () -- C:\Users\Asus\AppData\Roaming\Microsoft\Installer\{C7311329-C491-427B-8880-133E84869B3A}\_1892021E6FA422C719E0B9.exe
[2013/03/05 16:50:12 | 000,284,147 | R--- | M] () -- C:\Users\Asus\AppData\Roaming\Microsoft\Installer\{C7311329-C491-427B-8880-133E84869B3A}\_1A6187ECA513F315A0AD6B.exe
[2013/03/05 16:50:12 | 000,284,147 | R--- | M] () -- C:\Users\Asus\AppData\Roaming\Microsoft\Installer\{C7311329-C491-427B-8880-133E84869B3A}\_6FEFF9B68218417F98F549.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/01/06 23:14:21 | 000,214,392 | ---- | M] () -- C:\Windows\system32\PnkBstrB.ex0
[2014/01/07 16:28:35 | 000,214,392 | ---- | M] () -- C:\Windows\system32\PnkBstrB.exe

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/01/07 19:10:50 | 000,000,512 | ---- | M] () MD5=74B41C1B7F36631EA591A050D84A75EB -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2010/11/11 14:34:44 | 000,002,935 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader.htm
[2010/10/14 15:29:04 | 000,000,337 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader.mcl
[2010/12/30 17:28:38 | 000,062,016 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader32\HookLoader32.dll
[2010/12/30 17:29:58 | 000,058,944 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader32\HookLoader32.exe
[2010/12/30 17:28:50 | 000,387,648 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader32\PlayerLoader32.dll
[2010/12/30 17:29:02 | 000,071,232 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader64\HookLoader64.dll
[2010/12/30 17:29:58 | 000,065,088 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader64\HookLoader64.exe
[2010/12/30 17:29:02 | 000,506,432 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Theatre 5\PlayerLoader64\PlayerLoader64.dll
[2012/10/06 09:24:08 | 001,724,008 | ---- | M] () -- \Program Files (x86)\Common Files\Manažer instalací SolidWorks\20.0\sldimdownloader.exe
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2008/07/30 09:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2008/07/29 02:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2008/07/10 15:33:02 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2008/07/10 15:33:04 | 000,019,992 | ---- | M] () -- \Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2013/12/10 03:13:27 | 001,168,672 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013/07/25 02:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013/07/25 02:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013/07/25 02:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013/07/25 02:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013/12/10 03:13:27 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{58B116EC-E566-441B-9F3D-95CBEF4C1EC0}\ExtensionLoader.dll
[2013/08/27 22:15:54 | 001,177,888 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{D96B6EBA-1274-4AE8-8016-F796C797D22D}\ExtensionLoader.dll
[2012/10/05 22:08:30 | 007,951,872 | ---- | M] () -- \Program Files\SolidWorks Corp\SolidWorks\photoview\swkloader64_libFNP.dll
[2012/10/05 22:08:30 | 003,263,488 | ---- | M] () -- \Program Files\SolidWorks Corp\SolidWorks\photoview\extra\swkloader64.lx
[2011/04/29 06:34:02 | 000,014,398 | ---- | M] () -- \Program Files\SolidWorks Corp\SolidWorks\photoview\extra\scripts\pv_envloader.py
[2012/10/06 03:45:44 | 000,163,840 | ---- | M] () -- \Program Files\SolidWorks Corp\SolidWorks\sld3DViaUploader\sld3dViaUploader.exe
[2012/10/06 08:05:50 | 000,632,424 | ---- | M] () -- \Program Files\SolidWorks Corp\SolidWorks\sldutils\SwLoaderSw.dll
[2012/10/06 08:06:22 | 000,136,808 | ---- | M] () -- \Program Files\SolidWorks Corp\SolidWorks\sldutils\lang\czech\SwLoaderSwResu.dll
[2012/10/06 08:06:32 | 000,136,296 | ---- | M] () -- \Program Files\SolidWorks Corp\SolidWorks\sldutils\lang\English\SwLoaderSwResu.dll
[2012/06/09 19:19:37 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013/08/22 16:13:03 | 000,492,832 | ---- | M] () -- \Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp\4.4.2_0\uploader.dll
[2013/03/05 21:54:48 | 000,001,606 | ---- | M] () -- \Users\Asus\AppData\Roaming\SolidWorks\Installation Logs\Misc Logs\sldIMDownloaderLog_00001.txt
[2010/08/30 10:07:04 | 000,072,544 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\670F66C4BA3D8C94584DAB6A8DF2AC2E\20.150.80\PhysXLoader64.dll.72AC20DB_37D3_1016_B346_A7FD958F5C39
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2010/11/21 16:00:29 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 16:00:29 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2010/11/21 16:00:29 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2010/11/21 16:00:29 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2010/11/21 16:00:29 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013/03/05 18:04:58 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013/03/05 18:04:58 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013/03/05 18:04:58 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013/03/05 18:04:58 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013/03/05 18:04:59 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010/11/21 15:59:29 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013/09/13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013/10/09 08:35:05 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2005/10/28 15:29:20 | 000,000,592 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\EnumerateSerialPorts.snippet
[2005/10/28 15:29:20 | 000,001,178 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\ReadDatafromaSerialPort.snippet
[2005/10/28 15:29:20 | 000,001,492 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/09/13 01:23:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013/10/09 08:35:28 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/09/16 23:49:19 | 000,000,075 | ---- | M] () -- \Users\Asus\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fonline-serialy-zdarma.info%2Ffavicon.png
[2013/11/29 16:20:23 | 000,000,363 | ---- | M] () -- \Users\Asus\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2013/05/30 21:55:45 | 000,000,769 | ---- | M] () -- \Users\Asus\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serials4you.cz%2Findex_soubory%2Fikona.png
[2013/11/29 16:20:42 | 000,000,339 | ---- | M] () -- \Users\Asus\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fthemes%2Farras%2Fimages%2Ffavicon.png
[2013/09/14 22:03:35 | 000,000,544 | ---- | M] () -- \Users\Asus\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.sledujuserialy.cz%2Ffavicon.png
[2013/11/29 16:20:18 | 000,000,089 | ---- | M] () -- \Users\Asus\AppData\Local\Opera\Opera\icons\online-serialy-zdarma.info.idx
[2013/05/30 21:55:58 | 000,000,218 | ---- | M] () -- \Users\Asus\AppData\Local\Opera\Opera\icons\www.serials4you.cz.idx
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/16 15:22:43 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/16 18:47:11 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/08/16 15:20:31 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/16 20:53:51 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013/08/16 23:11:05 | 000,304,640 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\1729a1c27c4c29abc3a3982df67c3e9d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/16 23:11:05 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\1729a1c27c4c29abc3a3982df67c3e9d\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013/10/09 09:54:26 | 002,786,816 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\be5f0f2e208bbb3c647acfbc33434251\System.Runtime.Serialization.ni.dll
[2013/10/09 09:54:25 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\be5f0f2e208bbb3c647acfbc33434251\System.Runtime.Serialization.ni.dll.aux
[2013/07/20 01:11:36 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\e9ae6390ba678193c056e647edb44849\System.Xml.Serialization.ni.dll
[2013/07/20 01:11:36 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\e9ae6390ba678193c056e647edb44849\System.Xml.Serialization.ni.dll.aux
[2013/08/16 20:59:40 | 000,373,248 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\6306ff71e246e8da5d0fb73a2c9c7766\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/16 20:59:40 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\6306ff71e246e8da5d0fb73a2c9c7766\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013/10/09 09:50:47 | 003,602,944 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8c26dbe126ceffec534b49eefd37dd36\System.Runtime.Serialization.ni.dll
[2013/10/09 09:50:47 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8c26dbe126ceffec534b49eefd37dd36\System.Runtime.Serialization.ni.dll.aux
[2013/07/20 01:18:10 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\a2556a1137fbb8361cee016477e7f692\System.Xml.Serialization.ni.dll
[2013/07/20 01:18:10 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\a2556a1137fbb8361cee016477e7f692\System.Xml.Serialization.ni.dll.aux
[2012/07/09 00:40:08 | 001,050,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0D741DA1E0EBC6D3CA11466FCD14361F\4.5.50709\System.Runtime.Serialization.dll.amd64
[2012/07/09 00:40:08 | 001,050,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0D741DA1E0EBC6D3CA11466FCD14361F\4.5.50709\System.Runtime.Serialization.dll.x86
[2012/07/09 00:40:08 | 001,050,096 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\0D741DA1E0EBC6D3CA11466FCD14361F\4.5.50709\System.Runtime.Serialization.dll_gac_x86
[2012/07/09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012/07/09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012/07/09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/07/09 12:45:48 | 001,051,288 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/07/09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012/07/09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005/09/23 07:56:56 | 000,008,007 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.xml
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/07/09 12:45:48 | 001,051,288 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012/07/09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/07/09 12:45:48 | 001,051,288 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012/07/09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2010/11/21 16:00:02 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010/11/21 16:00:02 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2010/11/21 16:00:00 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010/11/21 16:00:06 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013/03/05 18:04:59 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013/03/05 18:04:59 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010/11/21 16:00:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010/11/21 16:00:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010/11/21 15:59:36 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010/11/21 16:00:02 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:9638A27E

< End of report >

Re: Log check - Unable to render file

Posted: 07 Jan 2014 19:46
by blackli
OTL Extras logfile created on: 7. 1. 2014 19:09:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

8,00 Gb Total Physical Memory | 6,35 Gb Available Physical Memory | 79,38% Memory free
16,00 Gb Paging File | 14,22 Gb Available in Paging File | 88,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,38 Gb Total Space | 198,05 Gb Free Space | 83,08% Space Free | Partition Type: NTFS
Drive D: | 59,62 Gb Total Space | 30,85 Gb Free Space | 51,74% Space Free | Partition Type: NTFS
Drive E: | 465,75 Gb Total Space | 212,97 Gb Free Space | 45,73% Space Free | Partition Type: NTFS
Drive F: | 1397,25 Gb Total Space | 75,49 Gb Free Space | 5,40% Space Free | Partition Type: NTFS
Drive G: | 1397,20 Gb Total Space | 1241,68 Gb Free Space | 88,87% Space Free | Partition Type: NTFS
Drive H: | 1397,20 Gb Total Space | 748,31 Gb Free Space | 53,56% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: Asus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-265218232-1932774586-2238277341-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Prehliadať v XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Prehliadať v XnView] -- "C:\Program Files (x86)\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022C86B8-49D2-4877-B4B5-A7482706FA5D}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{083D42A0-F251-40E0-A351-C9CC767A4A2E}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{17BA9D70-38B1-4E3A-BF89-F8967A607533}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1EF4CDEF-B8DA-459A-A0BF-FF13BFDD8169}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2602893F-4AA9-48B9-A509-CE44E35BC2CB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2D08FE7B-0043-46CA-90EC-8E76D1523741}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{30C32CD2-8B55-4187-8B06-4CF1A9E33AF5}" = lport=445 | protocol=6 | dir=in | app=system |
"{328057FF-7465-4175-A0E8-CE4F8202A370}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{39D51250-2F94-4DE4-BA47-9CF1DB9184EA}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{455FA157-086E-4711-B5D0-00C364CAECAF}" = lport=139 | protocol=6 | dir=in | app=system |
"{4E871DE3-3373-4FB0-8249-4D1E2289B6B0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5032890D-AC86-4D4F-BB21-23D4AE3612E3}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{578D8F60-56FC-4A0E-BEFB-C5299E21F913}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5B2727B7-74F1-4097-A86A-672BA8260937}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5FDD1AB1-3625-4FC9-8CB0-1FB5A296202B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{60A17EF5-2145-4960-B7E5-C4731D43C971}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{6530299F-955F-4A18-A9C3-DA2CBFEDFCC9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{68B8826B-9396-4140-991E-1C88FE3ED170}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{71328BC6-D118-443E-BBD8-DCC45D6F0137}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{876748E1-3CFF-422A-9220-60B7B4C37ADE}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9058574F-FC05-4B98-AE5C-A997C0D8A961}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9E774FD2-BDA6-4A56-B239-86E5096E511F}" = rport=139 | protocol=6 | dir=out | app=system |
"{9F0D1BF1-9A29-4C3D-97CB-EA32CB5E53AF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A068B419-424C-4CC1-8206-C63C5E3DDE22}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A0ACCA2B-8CB1-4989-9850-BD4E64437EA7}" = rport=445 | protocol=6 | dir=out | app=system |
"{A2F1CA4E-55CE-4141-92C1-20EA45387DCC}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{ABCFC1B3-AEFA-4EAF-AC82-D3DE32064AE6}" = lport=137 | protocol=17 | dir=in | app=system |
"{AC29EED9-E13A-4222-BB30-750D6AF22BBC}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B47A4F5A-90D0-4403-B647-C9C38299C306}" = rport=138 | protocol=17 | dir=out | app=system |
"{C5010D3E-CDB6-41F2-890C-86F45314C691}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C9EFB895-468A-4E03-8E14-C96D697E24B2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D6008E2C-39C2-4D7D-9CA9-391A036FE19D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{DCF747CB-1D92-4D30-8B47-8EE69F458459}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F1DAF6F2-656F-4233-9E71-D92025F2F741}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F9F30A4F-3FB2-4DB1-8118-4A83A61C431F}" = rport=137 | protocol=17 | dir=out | app=system |
"{FA4436A4-B75F-44AE-A9C7-7247287D856A}" = lport=138 | protocol=17 | dir=in | app=system |
"{FE7B218F-5860-4BCA-A97B-245A4B3ACA3D}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D8B9F2-50B9-465C-94E1-553FE30699D7}" = protocol=6 | dir=in | app=d:\origin games\battlefield 4\bf4_x86.exe |
"{0E959F47-3269-4114-A947-9E3892B84CAF}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{40929D09-BF22-4207-A54F-AB996D0EE2DB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{53D6F01E-8057-43ED-8AF6-9BEBBD603B39}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{56984495-355D-4AA3-84AD-3A15EEF9432C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{5739C10B-A5D9-485D-9832-201BFA5758DA}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe |
"{5BD1301D-D444-4239-9622-E26229CC4B39}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360.exe |
"{6E50C8A5-3097-48A9-8198-C9F9ACD9FEDC}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe |
"{78102704-7668-49C3-B7C8-D5078899C96C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7EC7292B-194E-485A-858B-B752C7102497}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7EE9227D-6C32-4C08-9F3D-5A135E17C589}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7F8EB7ED-08EA-4A42-ACC4-0C47EFB5DFA5}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\photoview\photoview360.exe |
"{886E9E8E-1C5F-4297-810C-004FA47F820C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{8BA5A113-11E2-49CF-B922-A40A1411BABE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{90BBEE8A-D68E-40E5-8CE5-63C9253ADD3E}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{93C12237-874C-4161-A32E-71E355769A54}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{B10053BC-5029-43A3-BC20-AC68AF582EF2}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{DA5EA369-9DB8-46D6-A26D-3429F7F79520}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{DBC2F356-F1CB-46F0-9243-B8A50E5CEA52}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DC162266-1994-42F4-863A-D221893A16DC}" = protocol=17 | dir=in | app=d:\origin games\battlefield 4\bf4.exe |
"{E483716C-744B-43E9-A949-03C9252FEECA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E9776574-E881-4612-A2C0-537A8BEA5A52}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F45C8D9E-9AAC-4A86-A126-3288A6FD92EB}" = protocol=6 | dir=in | app=d:\origin games\battlefield 4\bf4.exe |
"{F536E9E9-4464-4902-B69F-09FF8940FCE2}" = protocol=17 | dir=in | app=d:\origin games\battlefield 4\bf4_x86.exe |
"{F8D3B619-29B2-4350-B41F-3E47B3800653}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F96E7063-397A-4519-96B7-32E51AA34F4C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.5.6366 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C66F076-D3AB-49C8-85D4-BAA6D82FCAE2}" = SolidWorks 2012 x64 Edition SP05
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5866DD36-8055-475B-A5C3-82C04091D14E}" = BF3 Settings Editor
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65DDB7D8-5E04-45DF-B60E-89557ED37ED2}" = SolidWorks Explorer 2012 SP05 x64 Edition
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{91B765A6-D8CD-4DCC-B5C3-B04E5B563482}" = SolidWorks eDrawings 2012 x64 Edition SP05
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{BA1C72D0-CF47-437C-8A58-C0C992DA05E3}" = ESET Smart Security
"{C7311329-C491-427B-8880-133E84869B3A}" = Vista Shortcut Manager x64
"{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}" = Microsoft SQL Server 2008 Native Client
"{CCD4B0FC-DB6D-4741-982E-031627F22691}" = SolidWorks 2012 x64 Czech Resources
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{EB9400D5-6289-4F9F-9B79-B3528101C0C7}" = SolidWorks Flow Simulation 2012 SP05 x64 Edition
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1" = PDF-XChange 2012 Pro
"CCleaner" = CCleaner
"C-Media Oxygen HD Audio Driver" = ASUS Xonar DS Audio Driver
"CPUID ROG CPU-Z_is1" = CPUID ROG CPU-Z 1.63
"Defraggler" = Defraggler
"Logitech Gaming Software" = Logitech Gaming Software 8.40
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"Sandboxie" = Sandboxie 3.76 (64-bit)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bitová verzia)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0214578F-4888-43FB-9E34-C14FCFDEDDEB}" = Razer Nostromo
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{06E34C00-0446-4176-81C8-A5DAFE53CA36}" = Acronis Disk Director
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F36F1F6-D55E-4C60-A9DD-809FED24CED7}_is1" = Active@ KillDisk 7.1
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77033683-0816-4D7D-8BF1-3949B4E9823D}" = Battlefield 3™
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}" = ArcSoft TotalMedia Theatre 5
"ISO Workshop_is1" = ISO Workshop 3.8
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"MKVToolNix" = MKVToolNix 6.2.0
"Mobile Partner" = Mobile Partner
"Nero8Lite_is1" = Nero 8 Micro
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 12.16.1860" = Opera 12.16
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"SolidWorks Installation Manager 20120-40500-1100-100" = SolidWorks 2012 x64 Edition SP05
"STANDARD" = Microsoft Office Standard 2007
"TC UP" = Total Commander Ultima Prime 5.7.0.0
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 2.0.8
"XnView_is1" = XnView 1.99.6

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7. 1. 2014 11:57:43 | Computer Name = Asus-PC | Source = WinMgmt | ID = 10
Description =

Error - 7. 1. 2014 12:00:10 | Computer Name = Asus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 7. 1. 2014 12:00:10 | Computer Name = Asus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 7. 1. 2014 12:45:50 | Computer Name = Asus-PC | Source = Windows Search Service | ID = 1019
Description =

Error - 7. 1. 2014 12:47:06 | Computer Name = Asus-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 7. 1. 2014 12:47:06 | Computer Name = Asus-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 7. 1. 2014 12:47:06 | Computer Name = Asus-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 7. 1. 2014 12:48:51 | Computer Name = Asus-PC | Source = WinMgmt | ID = 10
Description =

Error - 7. 1. 2014 12:51:09 | Computer Name = Asus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 7. 1. 2014 12:51:09 | Computer Name = Asus-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ System Events ]
Error - 7. 1. 2014 12:46:22 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Name Resolution Protocol, od ktorej závisí služba
Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%-2140993535

Error - 7. 1. 2014 13:00:31 | Computer Name = Asus-PC | Source = PNRPSvc | ID = 102
Description =

Error - 7. 1. 2014 13:00:31 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7023
Description = Služba Peer Name Resolution Protocol bola ukončená s nasledujúcou
chybou: %%-2140993535

Error - 7. 1. 2014 13:00:31 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Name Resolution Protocol, od ktorej závisí služba
Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%-2140993535

Error - 7. 1. 2014 13:00:42 | Computer Name = Asus-PC | Source = PNRPSvc | ID = 102
Description =

Error - 7. 1. 2014 13:00:42 | Computer Name = Asus-PC | Source = PNRPSvc | ID = 102
Description =

Error - 7. 1. 2014 13:00:42 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7023
Description = Služba Peer Name Resolution Protocol bola ukončená s nasledujúcou
chybou: %%-2140993535

Error - 7. 1. 2014 13:00:42 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Name Resolution Protocol, od ktorej závisí služba
Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%-2140993535

Error - 7. 1. 2014 13:00:42 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7023
Description = Služba Peer Name Resolution Protocol bola ukončená s nasledujúcou
chybou: %%-2140993535

Error - 7. 1. 2014 13:00:42 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Peer Name Resolution Protocol, od ktorej závisí služba
Peer Networking Grouping, zlyhalo kvôli nasledujúcej chybe: %%-2140993535


< End of report >

Re: Log check - Cannot render file

Posted: 08 Jan 2014 10:43
by Márty84
Turn off your antivirus so that it does not prevent the program from working.
Run OTL again as administrator.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec4bd8c6f2fb4.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef156835fb469.job

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-265218232-1932774586-2238277341-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
@Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:9638A27E

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64

Click Fix (Opravit) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

Re: Log check - Cannot render file

Posted: 08 Jan 2014 13:10
by blackli
In ESET Smart Security 7 I temporarily disabled the protection and the firewall; I don't know whether that is enough. When I try to disable ESET's launch at startup through CCleaner, it won't let me.

Re: Log check - Cannot render file

Posted: 08 Jan 2014 18:22
by Márty84
blackli wrote: In ESET Smart Security 7 I temporarily disabled the protection and the firewall; I don't know whether that is enough.
That is enough.