VIRY.CZ

Poprosím o kontrolu logu...
Vdaka velka vopred.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Zdenko at 2014-02-02 14:51:31
Microsoft Windows 7 Ultimate
System drive C: has 19 GB (15%) free of 121 GB
Total RAM: 1791 MB (33% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\ParetoLogic Registration3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WebIE.dll [2012-10-08 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44D40677-D8DA-C979-5FDA-154BFBA89E88}]
Broiwseu22saave - C:\ProgramData\Broiwseu22saave\517c266fe6194.dll [2013-04-27 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WebIE.dll [2012-10-08 503808]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-09-03 343424]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
10

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-02 13789728]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2013-09-03 41336]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2013-09-03 840568]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"msrwetwSrv"=C:\Windows\system32\msrwetw.vbe [2013-12-03 583]
"msvbeoSrv"=C:\Windows\inf\msvbeo.vbe [2013-08-27 1558]
"msqtbetSrv"=C:\Windows\system32\msqtbet.vbe [2013-12-10 583]
"msgmfigSrv"=C:\Windows\system32\msgmfig.vbe [2013-12-03 583]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"DAEMON Tools Ultra Agent"=C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [2013-06-25 3128352]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

C:\Users\Zdenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
Obrazovková spinka a spúštac programu OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~2\Wincert\WIN32C~1.DLL c:\progra~1\movies~1\safety~1\safety~2.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMPCHelper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tvnserver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\SETUP.EXE
shell\configure\command - F:\SETUP.EXE
shell\install\command - F:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\SETUP.EXE
shell\configure\command - G:\SETUP.EXE
shell\install\command - G:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\wubi.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\HTC_Sync_Manager_PC.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a0bab4b-3351-11e3-b085-002243c0d077}]
shell\AutoRun\command - G:\wubi.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7474156b-334a-11e3-a5e8-002243c0d077}]
shell\AutoRun\command - G:\SETUP.EXE
shell\configure\command - G:\SETUP.EXE
shell\install\command - G:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93cf62ad-221e-11e3-9289-002243c0d077}]
shell\AutoRun\command - G:\SETUP.EXE
shell\configure\command - G:\SETUP.EXE
shell\install\command - G:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb1aff6b-5101-11e3-b4ae-002243c0d077}]
shell\AutoRun\command - F:\HTC_Sync_Manager_PC.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e008757c-0d09-11e3-8648-002243c0d077}]
shell\AutoRun\command - J:\HTC_Sync_Manager_PC.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9b1a234-66f5-11e3-9f51-002243c0d077}]
shell\AutoRun\command - I:\wubi.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-02-02 14:49:53 ----D---- C:\Program Files\trend micro
2014-02-02 09:43:50 ----D---- C:\Users\Zdenko\AppData\Roaming\OpenOffice
2014-02-02 09:40:06 ----D---- C:\Program Files\OpenOffice 4
2014-01-19 11:07:57 ----D---- C:\ProgramData\SafetyNut
2014-01-05 21:06:09 ----D---- C:\sh4ldr
2014-01-05 21:06:09 ----D---- C:\Program Files\Enigma Software Group
2014-01-05 21:05:13 ----D---- C:\Windows\D3F93A5A7A5D4867B2A16F46500D006C.TMP
2014-01-05 21:05:09 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

======List of files/folders modified in the last 1 months======

2014-02-02 14:51:27 ----D---- C:\Windows\Prefetch
2014-02-02 14:51:25 ----D---- C:\Windows\system32\Tasks
2014-02-02 14:50:49 ----D---- C:\Windows\temp
2014-02-02 14:49:53 ----D---- C:\Program Files
2014-02-02 14:39:05 ----D---- C:\Users\Zdenko\AppData\Roaming\Dropbox
2014-02-02 12:19:02 ----D---- C:\Windows\system32\config
2014-02-02 09:47:48 ----D---- C:\Windows\Tasks
2014-02-02 09:42:02 ----SHD---- C:\Windows\Installer
2014-02-02 09:42:01 ----RSD---- C:\Windows\assembly
2014-02-02 09:42:01 ----D---- C:\Config.Msi
2014-02-02 09:40:43 ----RSD---- C:\Windows\Fonts
2014-02-02 09:39:50 ----SHD---- C:\System Volume Information
2014-02-01 17:30:32 ----D---- C:\Users\Zdenko\AppData\Roaming\Skype
2014-01-24 20:45:59 ----D---- C:\Windows\system32\NDF
2014-01-24 20:45:35 ----D---- C:\Windows\inf
2014-01-19 11:08:36 ----D---- C:\ProgramData\Wincert
2014-01-19 11:07:57 ----HD---- C:\ProgramData
2014-01-19 07:32:23 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-12 13:10:38 ----D---- C:\Windows\System32
2014-01-12 13:10:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-05 22:03:28 ----SD---- C:\Users\Zdenko\AppData\Roaming\Microsoft
2014-01-05 21:05:13 ----D---- C:\Windows
2014-01-05 21:05:09 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-13 32256]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-13 9728]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 BthEnum;Ovladac pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-13 34816]
R3 BthPan;Zarízení Bluetooth (sít PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-13 93696]
R3 BTHUSB;Ovladac rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 CmBatt;Ovladac baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-13 14080]
R3 CompositeBus;Ovladac rozpoznávacího modulu složené sbernice; C:\Windows\system32\drivers\CompositeBus.sys [2010-11-20 31232]
R3 dtscsibus;DAEMON Tools Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtscsibus.sys [2013-10-12 24704]
R3 HdAudAddService;Ovladac funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2010-11-20 304128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-01 9786752]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-13 49152]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 RFCOMM;Zarízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-13 129536]
R3 usbvideo;Zobrazovací zarízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 146816]
R3 vwifibus;Ovladac sbernice Virtual WiFi; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-07-13 19968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2009-07-13 11264]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 1394ohci;Hostitelský radic pro rozhraní OHCI standardu 1394; C:\Windows\system32\drivers\1394ohci.sys [2010-11-20 164864]
S3 AcpiPmi;Ovladac merice napájení standardu ACPI; C:\Windows\system32\drivers\acpipmi.sys [2010-11-20 10240]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-13 52736]
S3 amdsata;amdsata; C:\Windows\system32\drivers\amdsata.sys [2011-03-11 80256]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2010-11-20 50176]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladac portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 drmkaud;Ovladace zvuku považované spolecností Microsoft za duveryhodné; C:\Windows\system32\drivers\drmkaud.sys [2009-07-13 5120]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
S3 ErrDev;Ovladace chybového zarízení hardwaru Microsoft; C:\Windows\system32\drivers\errdev.sys [2009-07-13 7168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-13 21504]
S3 HpSAMD;HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [2009-07-14 67152]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 23040]
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-13 4096]
S3 MSKSSRV;Server proxy služby datových proudu Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-13 8320]
S3 MSPCLOCK;Server proxy hodin datových proudu Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-13 5888]
S3 MSPQM;Server proxy správce kvality datových proudu Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2009-07-13 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudu Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-13 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-13 12288]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-13 27136]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2010-11-20 26624]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-13 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladac skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vhdmp;vhdmp; C:\Windows\system32\drivers\vhdmp.sys [2010-11-20 160128]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-09 65640]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 211488]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SafetyNutManager2;SafetyNut Manager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [2014-01-05 3446792]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 Disc Soft Bus Service;Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-06-25 632352]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2003-04-18 8192]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2010-11-20 3179520]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2013-09-25 22016]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2010-11-20 523264]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-10 119408]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2013-09-25 22016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-07 1343400]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2010-11-20 1203200]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Zdravim

Prispevek jsem oddelil od puvodniho - do cizich temat se nevstupuje

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna doamci verze

To ja prave neviem. Ja som zakupil Notebook s oficialnym OS a kamarat ktorý mi pred mnohými rokmi instaloval kalkulacky kvoli mojej praci, tak spminal, ze mi musel zmenit OS, ja som tomu vtedy nerozumel co aktualizoval. Ja by som rád využil operačný systém domáceho užívateľa, lebo ním aj som. Tak mi poraďte prosím

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

OTL logfile created on: 2.2.2014 16:51:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Spojené království | Language: ENG | Date Format: dd/MM/yyyy

1,75 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 39,87% Memory free
3,50 Gb Paging File | 1,55 Gb Available in Paging File | 44,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 118,10 Gb Total Space | 18,23 Gb Free Space | 15,43% Space Free | Partition Type: NTFS
Drive D: | 114,79 Gb Total Space | 71,90 Gb Free Space | 62,64% Space Free | Partition Type: NTFS
Drive F: | 3,76 Gb Total Space | 3,66 Gb Free Space | 97,45% Space Free | Partition Type: FAT32
Drive G: | 895,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ZDENKO-PC | User Name: Zdenko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.02.02 16:48:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdenko\Desktop\OTL.exe
PRC - [2014.01.05 10:30:41 | 003,603,976 | ---- | M] (SafetyNut Inc.) -- C:\Program Files\Movies Toolbar\SafetyNut\safetynut.exe
PRC - [2014.01.05 10:30:36 | 003,446,792 | ---- | M] (SafetyNut Inc.) -- C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
PRC - [2014.01.03 00:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.12.10 20:02:39 | 000,390,256 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2013.10.27 22:31:03 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2013.10.23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.10.23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.09.03 13:54:02 | 000,840,568 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2013.07.02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2013.06.25 08:49:48 | 000,632,352 | ---- | M] (Disc Soft Ltd) -- C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
PRC - [2013.05.09 23:57:24 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.07 18:27:50 | 000,167,424 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.11.23 02:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.09.25 08:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009.07.14 01:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2009.06.19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.05 10:30:46 | 000,485,384 | ---- | M] () -- C:\Program Files\Movies Toolbar\SafetyNut\safetycrt.dll
MOD - [2014.01.05 10:30:38 | 000,020,488 | ---- | M] () -- C:\Program Files\Movies Toolbar\SafetyNut\safetyldr.dll
MOD - [2014.01.03 00:45:04 | 003,558,400 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013.12.10 22:38:13 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013.12.10 20:02:42 | 003,017,840 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2013.12.10 20:02:42 | 000,158,832 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013.12.10 20:02:42 | 000,023,152 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013.10.27 22:31:05 | 000,835,584 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2013.10.27 22:31:05 | 000,312,832 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013.10.27 22:31:05 | 000,158,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013.10.27 22:31:05 | 000,101,888 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013.10.27 22:31:05 | 000,096,256 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013.10.27 22:31:05 | 000,094,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013.10.27 22:31:05 | 000,093,696 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013.10.27 22:31:05 | 000,073,728 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013.10.27 22:31:05 | 000,067,072 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013.10.27 22:31:05 | 000,062,976 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013.10.27 22:31:05 | 000,057,344 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013.10.27 22:31:05 | 000,038,912 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2013.10.18 23:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013.04.27 19:26:39 | 000,118,272 | ---- | M] () -- C:\ProgramData\Broiwseu22saave\517c266fe6194.dll
MOD - [2012.10.08 16:24:50 | 000,503,808 | ---- | M] () -- C:\TRANSLAT\WebIE.dll


========== Services (SafeList) ==========

SRV - [2014.01.05 10:30:36 | 003,446,792 | ---- | M] (SafetyNut Inc.) [Auto | Running] -- C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe -- (SafetyNutManager2)
SRV - [2013.12.10 22:38:17 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.10 20:03:10 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.11.26 08:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013.10.23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.25 08:49:48 | 000,632,352 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe -- (Disc Soft Bus Service)
SRV - [2013.05.27 04:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.09 23:57:24 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.07 18:27:50 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.10.07 22:42:42 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.08.10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009.08.10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2009.07.14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 01:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.06.15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2003.04.18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\taphss6.sys -- (taphss6)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\rtl8187.sys -- (RTL8187)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013.10.12 15:18:49 | 000,024,704 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dtscsibus.sys -- (dtscsibus)
DRV - [2013.09.27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.12.07 18:27:50 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2012.08.23 14:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 14:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011.06.27 00:37:12 | 002,191,872 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011.05.13 02:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.05.13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.05.13 02:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.05.13 02:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010.11.20 12:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 12:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 12:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 09:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 09:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 09:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.12 11:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.10.26 15:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.07.13 23:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.13 22:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.13 22:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.01 23:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.07.31 01:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=Bundlore ... 10/04/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis.com/web/?type=ds&ts ... earchTerms}
IE - HKLM\..\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=Bundlore ... 10/04/2013
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=Bundlore ... 10/04/2013
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 80 7E F3 C9 A4 CD 01 [binary data]
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=Bundlore ... 10/04/2013
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=Bundlore ... 10/04/2013
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/?publisher=Bundlore ... 10/04/2013
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx? ... rms}&SSPV=
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={search ... 0&tsp=5006
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}: "URL" = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
IE - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.01.22 09:34:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Zdenko\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013.09.19 19:04:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis03@SpeedAnalysis.com: C:\Users\Zdenko\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com [2013.09.19 19:04:26 | 000,000,000 | ---D | M]

[2013.09.19 19:04:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdenko\AppData\Roaming\Mozilla\Extensions
[2013.09.19 19:04:26 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Users\Zdenko\AppData\Roaming\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com

O1 HOSTS File: ([2013.01.15 20:53:05 | 000,001,805 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WebIE.dll ()
O2 - BHO: (no name) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - No CLSID value found.
O2 - BHO: (Broiwseu22saave) - {44D40677-D8DA-C979-5FDA-154BFBA89E88} - C:\ProgramData\Broiwseu22saave\517c266fe6194.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [msgmfigSrv] C:\Windows\System32\msgmfig.vbe ()
O4 - HKLM..\Run: [msqtbetSrv] C:\Windows\System32\msqtbet.vbe ()
O4 - HKLM..\Run: [msrwetwSrv] C:\Windows\System32\msrwetw.vbe ()
O4 - HKLM..\Run: [msvbeoSrv] C:\Windows\inf\msvbeo.vbe ()
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-21-1428903961-783849649-1519604710-1001..\Run: [DAEMON Tools Ultra Agent] C:\Program Files\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1428903961-783849649-1519604710-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Zdenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Zdenko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Obrazovková spinka a spúšťač programu OneNote 2010.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do programu Microsoft Excel - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&oslat do programu OneNote - Reg Error: Value error. File not found
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : &Nastavi prekladaè - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Preloži &oznaèený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Preloži &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WebIE.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B88E7C74-BB09-478D-A9AE-E2B05483D3D3}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (c:\progra~1\movies~1\safety~1\safety~2.dll) - c:\Program Files\Movies Toolbar\SafetyNut\safetyldr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsemngr.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsermngr.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\cltmngsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta babylon.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta tb.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta2.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltainstaller.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltasetup.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\iminentsetup.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\rjatydimofu.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweetimsetup.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013.10.16 19:16:42 | 000,000,134 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{6a0bab4b-3351-11e3-b085-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{6a0bab4b-3351-11e3-b085-002243c0d077}\Shell\AutoRun\command - "" = G:\wubi.exe -- [2013.10.16 19:16:42 | 002,560,216 | R--- | M] ()
O33 - MountPoints2\{7474156b-334a-11e3-a5e8-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{7474156b-334a-11e3-a5e8-002243c0d077}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{7474156b-334a-11e3-a5e8-002243c0d077}\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{7474156b-334a-11e3-a5e8-002243c0d077}\Shell\install\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{93cf62ad-221e-11e3-9289-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{93cf62ad-221e-11e3-9289-002243c0d077}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{93cf62ad-221e-11e3-9289-002243c0d077}\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{93cf62ad-221e-11e3-9289-002243c0d077}\Shell\install\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{a456f290-4f5b-11e2-864b-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{b686ab32-4ffc-11e2-84f6-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{cb1aff6b-5101-11e3-b4ae-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{cb1aff6b-5101-11e3-b4ae-002243c0d077}\Shell\AutoRun\command - "" = F:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{cba6f181-4eb9-11e2-8a76-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{e008757c-0d09-11e3-8648-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{e008757c-0d09-11e3-8648-002243c0d077}\Shell\AutoRun\command - "" = J:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{e9b1a234-66f5-11e3-9f51-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{e9b1a234-66f5-11e3-9f51-002243c0d077}\Shell\AutoRun\command - "" = I:\wubi.exe
O33 - MountPoints2\{f2cf645e-4dc8-11e2-ab29-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\{f2cf6469-4dc8-11e2-ab29-002243c0d077}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\F\Shell\install\command - "" = F:\SETUP.EXE
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\G\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\G\Shell\install\command - "" = G:\SETUP.EXE
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\wubi.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sasnative32)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\movies toolbar\safetynut\x64\safetycrt.dll) - File not found
O36 - AppCertDlls: x86 - (C:\Program Files\Movies Toolbar\SafetyNut\safetycrt.dll) - C:\Program Files\Movies Toolbar\SafetyNut\safetycrt.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.02.02 16:48:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Zdenko\Desktop\OTL.exe
[2014.02.02 14:49:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.02 09:43:50 | 000,000,000 | ---D | C] -- C:\Users\Zdenko\AppData\Roaming\OpenOffice
[2014.02.02 09:41:40 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2014.02.02 09:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2014.02.02 09:37:52 | 000,000,000 | ---D | C] -- C:\Users\Zdenko\Desktop\OpenOffice 4.0.1 (cs) Installation Files
[2014.02.01 18:25:52 | 000,000,000 | ---D | C] -- C:\Users\Zdenko\AppData\Local\havtech
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.02.02 16:55:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.02 16:48:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zdenko\Desktop\OTL.exe
[2014.02.02 16:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.02.02 09:52:48 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.02 09:52:48 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.02 09:47:51 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2014.02.02 09:46:56 | 000,360,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.02.02 09:46:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.02 09:46:16 | 1408,659,456 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.02 09:41:41 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014.02.01 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.02.02 16:55:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.02 09:41:41 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2014.01.12 11:47:17 | 000,001,697 | ---- | C] () -- C:\Users\Zdenko\AppData\Roaming\msrllk.dat
[2013.12.29 12:54:02 | 000,001,637 | ---- | C] () -- C:\Users\Zdenko\AppData\Roaming\mswsbjej.dat
[2013.12.26 20:41:52 | 000,000,028 | ---- | C] () -- C:\Users\Zdenko\AppData\Roaming\msjokmi.dat
[2013.12.26 20:41:52 | 000,000,028 | ---- | C] () -- C:\Users\Zdenko\AppData\Roaming\msdgmpg.dat
[2013.12.26 13:49:13 | 000,000,027 | ---- | C] () -- C:\Users\Zdenko\AppData\Roaming\mscfexm.dat
[2013.12.18 22:24:07 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2013.11.03 10:38:56 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2013.05.18 13:03:16 | 000,000,185 | ---- | C] () -- C:\Users\Zdenko\AppData\Local\SRDownloader.err
[2013.05.18 13:01:58 | 000,001,104 | ---- | C] () -- C:\Users\Zdenko\AppData\Local\SRDownloader.nast
[2013.02.23 16:47:59 | 000,007,597 | ---- | C] () -- C:\Users\Zdenko\AppData\Local\Resmon.ResmonCfg
[2013.01.15 17:27:02 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2013.01.15 17:27:02 | 000,040,129 | ---- | C] () -- C:\Windows\iccsigs.dat
[2013.01.15 17:27:02 | 000,000,149 | ---- | C] () -- C:\Windows\KPCMS.INI
[2012.12.24 19:16:59 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012.10.08 16:50:12 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.10.08 16:48:04 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.10.08 16:35:21 | 000,000,088 | ---- | C] () -- C:\Windows\STXKBD32.INI
[2012.10.08 16:24:30 | 000,002,455 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2012.10.07 22:47:25 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012.09.26 19:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.09.26 19:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.09.26 19:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.09.26 19:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.09.26 19:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

========== ZeroAccess Check ==========

[2013.03.31 18:32:30 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$7f3bd376d0380d8eb90d713acedcf5e6\L
[2013.12.18 07:36:45 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$7f3bd376d0380d8eb90d713acedcf5e6\U
[2013.03.31 18:56:39 | 000,000,804 | ---- | M] () -- C:\$Recycle.Bin\S-1-5-18\$7f3bd376d0380d8eb90d713acedcf5e6\L\00000004.@
[2009.07.14 04:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 01:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.09.15 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Babylon
[2012.11.04 15:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\BSplayer
[2012.11.04 14:05:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\BSplayer Pro
[2013.10.12 15:16:24 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DAEMON Tools Ult
[2013.09.20 18:17:23 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DAEMON Tools Ultra
[2013.12.19 21:42:40 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DG
[2013.11.18 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DigitalSite
[2013.09.19 19:16:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DMCache
[2013.12.26 22:01:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DriverCure
[2014.02.02 14:39:05 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Dropbox
[2013.11.04 10:46:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\HTC
[2013.03.16 17:39:17 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\IObit
[2012.10.08 16:29:46 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\LangSoft
[2013.03.16 19:43:58 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\NCdownloader
[2014.02.02 09:43:50 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\OpenOffice
[2012.10.07 20:29:03 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Opera
[2013.10.27 22:03:38 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Opera Software
[2013.12.26 22:01:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\ParetoLogic
[2013.09.19 19:06:21 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\PerformerSoft
[2012.10.16 17:34:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Samsung
[2013.09.19 19:04:26 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\SpeedAnalysis3
[2013.01.08 17:28:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Stealth Software
[2013.08.19 19:13:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Systweak
[2012.10.07 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Thunderbird
[2013.12.26 22:49:38 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\TightVNC
[2013.12.18 07:36:25 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\update_tc
[2013.09.19 18:54:38 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\uTorrent
[2013.09.19 19:44:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\VitySoft

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 04:53:46 | 000,032,604 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 04:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.11.04 17:36:56 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.12.21 19:54:00 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2013.12.26 22:26:35 | 000,000,446 | ---- | C] () -- C:\Windows\Tasks\ParetoLogic Registration3.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\ERDNT\cache\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 01:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 01:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 12:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows.old\Windows\System32\autochk.exe
[2010.11.20 12:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
[2010.11.20 12:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 12:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows.old\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2009.07.13 23:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows.old\Windows\System32\drivers\cdrom.sys
[2010.11.20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows.old\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
[2010.11.20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 08:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2011.02.26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 01:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.07.14 01:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 05:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011.02.26 05:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.10.31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 05:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011.02.26 05:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 12:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2010.11.20 12:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\ERDNT\cache\explorer.exe
[2011.02.25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\explorer.exe
[2011.02.25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2011.02.25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 05:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 05:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 05:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.08.03 05:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 06:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2009.10.31 06:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 12:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows.old\Windows\System32\hal.dll
[2010.11.20 12:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2010.11.20 12:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 12:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 01:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
[2009.07.14 01:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2009.07.14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 12:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows.old\Windows\ERDNT\cache\scecli.dll
[2010.11.20 12:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows.old\Windows\System32\scecli.dll
[2010.11.20 12:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
[2010.11.20 12:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 12:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows.old\Windows\ERDNT\cache\services.exe
[2009.07.14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows.old\Windows\System32\services.exe
[2009.07.14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009.07.14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 01:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\ERDNT\cache\svchost.exe
[2009.07.14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\System32\svchost.exe
[2009.07.14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 04:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 04:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 05:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows.old\Windows\ERDNT\cache\tcpip.sys
[2011.06.21 05:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 16:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 17:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 04:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2011.04.25 04:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 01:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2009.07.14 01:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 05:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 12:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2010.11.20 12:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 16:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 04:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 05:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 04:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012.03.30 10:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2012.03.30 10:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 15:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 16:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 02:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 06:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 05:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 10:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows.old\Windows\System32\drivers\tcpip.sys
[2012.03.30 10:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 10:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 04:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.04.25 04:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 09:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.03.30 09:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 05:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 06:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 17:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 06:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013.01.04 04:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 05:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2013.09.08 02:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 02:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 16:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 06:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 16:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 10:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2012.03.30 10:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\ERDNT\cache\userinit.exe
[2010.11.20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\System32\userinit.exe
[2010.11.20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 01:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 01:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 05:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.10.28 05:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows.old\Windows\ERDNT\cache\winlogon.exe
[2010.11.20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows.old\Windows\System32\winlogon.exe
[2010.11.20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2010.11.20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 01:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2009.07.14 01:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[57 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[27 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[7 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.01.22 09:34:54 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Adobe
[2013.11.02 14:16:24 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Apple Computer
[2013.09.15 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Babylon
[2012.11.04 15:07:02 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\BSplayer
[2012.11.04 14:05:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\BSplayer Pro
[2013.10.12 15:16:24 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DAEMON Tools Ult
[2013.09.20 18:17:23 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DAEMON Tools Ultra
[2013.12.19 21:42:40 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DG
[2013.11.18 17:11:11 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DigitalSite
[2013.09.19 19:16:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DMCache
[2013.12.26 22:01:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\DriverCure
[2014.02.02 17:27:13 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Dropbox
[2013.05.18 12:16:46 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\dvdcss
[2013.11.04 10:46:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\HTC
[2012.10.07 20:08:37 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Identities
[2013.03.16 17:39:17 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\IObit
[2012.10.08 16:29:46 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\LangSoft
[2013.12.29 12:47:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Macromedia
[2009.07.14 09:20:06 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Media Center Programs
[2014.01.05 22:03:28 | 000,000,000 | --SD | M] -- C:\Users\Zdenko\AppData\Roaming\Microsoft
[2012.10.07 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Mozilla
[2013.03.16 19:43:58 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\NCdownloader
[2014.02.02 09:43:50 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\OpenOffice
[2012.10.07 20:29:03 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Opera
[2013.10.27 22:03:38 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Opera Software
[2013.12.26 22:01:07 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\ParetoLogic
[2013.09.19 19:06:21 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\PerformerSoft
[2012.10.16 17:34:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Samsung
[2014.02.01 17:30:32 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Skype
[2013.09.19 19:04:26 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\SpeedAnalysis3
[2013.01.08 17:28:20 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Stealth Software
[2013.08.19 19:13:57 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Systweak
[2012.10.07 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\Thunderbird
[2013.12.26 22:49:38 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\TightVNC
[2013.12.18 07:36:25 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\update_tc
[2013.09.19 18:54:38 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\uTorrent
[2013.09.19 19:44:10 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\VitySoft
[2013.12.28 19:57:08 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\vlc
[2012.10.07 22:05:01 | 000,000,000 | ---D | M] -- C:\Users\Zdenko\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Zdenko\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.01.03 00:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.01.03 00:47:26 | 000,229,288 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2013.11.01 22:29:10 | 000,919,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\Zdenko\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2013.01.08 17:28:43 | 000,265,216 | ---- | M] (Stealth Software) -- C:\Users\Zdenko\AppData\Roaming\Stealth Software\HTC Home\HTCHome (x64).exe
[2013.01.08 17:28:43 | 000,266,240 | ---- | M] (Stealth Software) -- C:\Users\Zdenko\AppData\Roaming\Stealth Software\HTC Home\HTCHome.exe
[2013.01.08 17:28:43 | 000,166,912 | ---- | M] (Stealth Software) -- C:\Users\Zdenko\AppData\Roaming\Stealth Software\HTC Home\Updater.exe
[2013.01.08 17:28:08 | 000,159,744 | ---- | M] (Stealth Software) -- C:\Users\Zdenko\AppData\Roaming\Stealth Software\HTC Home\Uninstall\Uninstall.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.02.02 17:38:16 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.02.02 09:47:51 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2014.02.01 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.02.02 09:52:48 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.02 09:52:48 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.02 09:46:56 | 000,360,456 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe -- [2009.07.14 01:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Ultra Agent" = "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun -- [2013.06.25 08:51:00 | 003,128,352 | ---- | M] (Disc Soft Ltd)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 12:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.11.19 09:45:55 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.10.27 22:31:03 | 000,879,456 | ---- | M] (Opera Software) MD5=FFC67949EF7C2BF307ED91B293581DD2 -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.02 16:55:07 | 000,000,512 | ---- | M] () MD5=686DD852E7FB7EC54F595C22195C1D99 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.12.28 21:02:45 | 000,004,125 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\CrackedCom.class

< *keygen* /s >

< *loader* /s >
[2013.09.03 05:54:08 | 000,012,278 | ---- | M] () -- \Program Files\Adobe\Acrobat 10.0\Acrobat\WebPublish\BootStrapLoader.swf
[2011.11.02 10:49:20 | 000,214,528 | ---- | M] () -- \Program Files\JDownloader\JDownloader.exe
[2011.11.02 10:49:20 | 000,593,293 | ---- | M] () -- \Program Files\JDownloader\JDownloader.jar
[2011.11.02 10:49:20 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader\JDownloaderBETA.exe
[2011.11.02 10:49:20 | 000,218,816 | ---- | M] () -- \Program Files\JDownloader\JDownloaderD3D.exe
[2013.12.28 21:05:13 | 000,000,101 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\exclusiveloader.com.png
[2013.12.28 20:35:31 | 000,000,105 | ---- | M] () -- \Program Files\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2013.12.28 20:50:46 | 000,011,071 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2013.12.28 20:48:48 | 000,004,584 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2013.12.28 20:44:34 | 000,003,880 | ---- | M] () -- \Program Files\JDownloader\jd\plugins\hoster\UploaderJp.class
[2011.11.02 10:49:20 | 000,032,222 | ---- | M] () -- \Program Files\JDownloader\licenses\jdownloader.license
[2013.08.19 20:28:54 | 000,006,820 | ---- | M] () -- \Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\chrome\skin\lib\panels\images\ajax-loader.gif
[2013.09.17 04:54:36 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice 4\program\javaloader.uno.dll
[2013.09.17 04:57:36 | 000,005,813 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.py
[2013.09.17 04:54:38 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.dll
[2013.09.20 13:57:06 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.ini
[2013.09.20 13:39:02 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice 4\program\classes\unoloader.jar
[2013.09.16 22:10:56 | 000,013,420 | ---- | M] () -- \Program Files\OpenOffice 4\program\python-core-2.7.5\lib\unittest\loader.py
[2013.12.28 20:33:36 | 000,001,863 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.12.28 20:33:36 | 000,001,842 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.12.28 20:33:36 | 000,001,884 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.12.28 20:33:36 | 000,001,863 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2013.12.28 20:33:36 | 000,001,842 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.12.28 20:33:36 | 000,001,884 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.05.18 13:03:35 | 000,000,185 | ---- | M] () -- \Users\Zdenko\AppData\Local\SRDownloader.err
[2013.05.18 13:56:37 | 000,001,104 | ---- | M] () -- \Users\Zdenko\AppData\Local\SRDownloader.nast
[2013.12.29 12:49:12 | 000,003,099 | ---- | M] () -- \Users\Zdenko\AppData\Local\Temp\pyl736A.tmp\lib\wubi\backends\common\btdownloader.pyo
[2013.12.29 12:49:12 | 000,002,973 | ---- | M] () -- \Users\Zdenko\AppData\Local\Temp\pyl736A.tmp\lib\wubi\backends\common\downloader.pyo
[2013.12.29 12:29:20 | 000,020,859 | ---- | M] () -- \Users\Zdenko\AppData\Local\Temp\pylCF9.tmp\lib\bittorrent\Downloader.pyo
[2013.12.29 12:29:20 | 000,003,440 | ---- | M] () -- \Users\Zdenko\AppData\Local\Temp\pylCF9.tmp\lib\bittorrent\DownloaderFeedback.pyo
[2013.12.29 12:29:21 | 000,013,684 | ---- | M] () -- \Users\Zdenko\AppData\Local\Temp\pylCF9.tmp\lib\bittorrent\Uploader.pyo
[2013.12.29 12:29:19 | 000,003,099 | ---- | M] () -- \Users\Zdenko\AppData\Local\Temp\pylCF9.tmp\lib\wubi\backends\common\btdownloader.pyo
[2013.12.29 12:29:20 | 000,002,973 | ---- | M] () -- \Users\Zdenko\AppData\Local\Temp\pylCF9.tmp\lib\wubi\backends\common\downloader.pyo
[2013.08.01 14:51:28 | 000,002,438 | ---- | M] () -- \Users\Zdenko\AppData\Roaming\DAEMON Tools Ultra\MediaInfo\img\loader.gif
[2014.01.20 21:35:47 | 000,000,521 | ---- | M] () -- \Users\Zdenko\AppData\Roaming\Microsoft\Windows\Recent\dentex.youtube.downloader_v3.6.apk.lnk
[2013.12.06 15:26:31 | 000,002,380 | ---- | M] () -- \Users\Zdenko\AppData\Roaming\Thunderbird\Profiles\4tzah0d1.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calBackendLoader.js
[2013.12.06 15:26:31 | 000,000,249 | ---- | M] () -- \Users\Zdenko\AppData\Roaming\Thunderbird\Profiles\4tzah0d1.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calBackendLoader.manifest
[2013.11.15 20:50:15 | 000,102,679 | ---- | M] () -- \Users\Zdenko\Downloads\Sygic 13.2.0 FULL CRK\mapy 2013.06\mapdownloader13_2_2_(20131111).zip
[2013.11.11 23:26:50 | 000,536,908 | ---- | M] () -- \Users\Zdenko\Downloads\Sygic 13.2.0 FULL CRK\mapy 2013.06\mapdownloader13_2_2_(20131111)\sgcmapdownloader.txt
[2013.11.11 23:26:50 | 000,039,424 | ---- | M] () -- \Users\Zdenko\Downloads\Sygic 13.2.0 FULL CRK\mapy 2013.06\mapdownloader13_2_2_(20131111)\sgcmapdownloader12.exe
[2013.07.10 22:49:18 | 000,536,887 | ---- | M] () -- \Users\Zdenko\Downloads\Sygic 13.2.0 FULL CRK\Sygic maps Europe\mapdownloader13.2 full\sgcmapdownloader.txt
[2013.07.10 22:49:18 | 000,039,424 | ---- | M] () -- \Users\Zdenko\Downloads\Sygic 13.2.0 FULL CRK\Sygic maps Europe\mapdownloader13.2 full\sgcmapdownloader13.2.exe
[2013.05.18 13:00:08 | 000,905,728 | ---- | M] () -- \Users\Zdenko\Dropbox\NB files\Desktop UK 7.13\SRDownloader.exe
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Documents and Settings\All Users\Skype\Apps\login\images\loader.png
[2012.05.27 22:27:06 | 000,052,743 | ---- | M] () -- \Windows.old\Documents and Settings\ZK\AppData\Local\SRDownloader.err
[2012.05.28 07:29:19 | 000,001,056 | ---- | M] () -- \Windows.old\Documents and Settings\ZK\AppData\Local\SRDownloader.nast
[2012.03.27 16:44:20 | 000,000,652 | ---- | M] () -- \Windows.old\Documents and Settings\ZK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C9MSRJOE\AdLoader[1].htm
[2012.03.27 19:56:34 | 000,904,192 | ---- | M] () -- \Windows.old\Documents and Settings\ZK\Desktop\SRDownloader.exe
[2008.03.18 06:31:00 | 000,009,216 | R--- | M] () -- \Windows.old\Program Files\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2012.05.08 18:31:47 | 000,047,568 | ---- | M] () -- \Windows.old\Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2012.05.08 18:31:47 | 000,232,912 | ---- | M] () -- \Windows.old\Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2012.05.08 18:31:47 | 001,715,152 | ---- | M] () -- \Windows.old\Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2011.11.11 12:20:12 | 000,112,128 | ---- | M] () -- \Windows.old\Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2012.07.27 09:04:45 | 000,009,216 | ---- | M] () -- \Windows.old\Program Files\HMRC\payetools2012\python\_win32sysloader.pyd
[2009.05.21 18:21:18 | 000,007,507 | ---- | M] () -- \Windows.old\Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2011.12.20 13:32:00 | 000,634,880 | ---- | M] () -- \Windows.old\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
[2011.12.20 13:32:00 | 000,000,151 | ---- | M] () -- \Windows.old\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.ini
[2012.01.19 20:32:37 | 000,002,941 | ---- | M] () -- \Windows.old\Program Files\Java\jdk1.7.0_02\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012.01.19 20:32:38 | 000,000,411 | ---- | M] () -- \Windows.old\Program Files\Java\jdk1.7.0_02\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2012.01.19 20:32:40 | 001,138,236 | ---- | M] () -- \Windows.old\Program Files\Java\jdk1.7.0_02\lib\visualvm\platform\modules\org-openide-loaders.jar
[2012.01.19 20:32:39 | 000,007,002 | ---- | M] () -- \Windows.old\Program Files\Java\jdk1.7.0_02\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2012.01.19 20:32:39 | 000,006,658 | ---- | M] () -- \Windows.old\Program Files\Java\jdk1.7.0_02\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012.01.19 20:32:40 | 000,000,457 | ---- | M] () -- \Windows.old\Program Files\Java\jdk1.7.0_02\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2010.12.09 11:10:18 | 000,003,072 | ---- | M] () -- \Windows.old\Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_eng.NLR
[2011.11.08 20:03:14 | 000,013,211 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.ErrorNotification.html
[2011.11.08 20:03:30 | 000,020,432 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.html
[2011.11.08 20:03:14 | 000,006,597 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.PreloaderNotification.html
[2011.11.08 20:03:28 | 000,010,567 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.ProgressNotification.html
[2011.11.08 20:03:10 | 000,015,082 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.html
[2011.11.08 20:03:30 | 000,014,414 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\Preloader.StateChangeNotification.Type.html
[2011.11.08 20:03:34 | 000,006,842 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.ErrorNotification.html
[2011.11.08 20:03:12 | 000,004,449 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.html
[2011.11.08 20:03:20 | 000,009,261 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.PreloaderNotification.html
[2011.11.08 20:03:26 | 000,006,893 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.ProgressNotification.html
[2011.11.08 20:03:42 | 000,006,977 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.html
[2011.11.08 20:03:32 | 000,011,165 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\application\class-use\Preloader.StateChangeNotification.Type.html
[2011.11.08 20:03:10 | 000,010,377 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.Attribute.html
[2011.11.08 20:03:34 | 000,012,768 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ControllerMethodEventHandler.html
[2011.11.08 20:03:30 | 000,014,222 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.CopyElement.html
[2011.11.08 20:03:38 | 000,011,488 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.DefineElement.html
[2011.11.08 20:03:34 | 000,020,205 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.Element.html
[2011.11.08 20:03:16 | 000,014,212 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ExpressionTargetMapping.html
[2011.11.08 20:03:10 | 000,044,046 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.html
[2011.11.08 20:03:34 | 000,014,967 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.IncludeElement.html
[2011.11.08 20:03:44 | 000,016,588 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.InstanceDeclarationElement.html
[2011.11.08 20:03:24 | 000,013,878 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyChangeListener.html
[2011.11.08 20:03:36 | 000,015,658 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.PropertyElement.html
[2011.11.08 20:03:12 | 000,014,271 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ReferenceElement.html
[2011.11.08 20:03:46 | 000,015,319 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptElement.html
[2011.11.08 20:03:42 | 000,012,568 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ScriptEventHandler.html
[2011.11.08 20:03:34 | 000,015,451 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\FXMLLoader.ValueElement.html
[2011.11.08 20:03:32 | 000,008,341 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Attribute.html
[2011.11.08 20:03:44 | 000,004,702 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ControllerMethodEventHandler.html
[2011.11.08 20:03:40 | 000,004,515 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.CopyElement.html
[2011.11.08 20:03:32 | 000,004,537 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.DefineElement.html
[2011.11.08 20:03:10 | 000,006,719 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.Element.html
[2011.11.08 20:03:14 | 000,004,647 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ExpressionTargetMapping.html
[2011.11.08 20:03:20 | 000,007,272 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.html
[2011.11.08 20:03:30 | 000,004,548 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.IncludeElement.html
[2011.11.08 20:03:26 | 000,004,680 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.InstanceDeclarationElement.html
[2011.11.08 20:03:28 | 000,004,636 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyChangeListener.html
[2011.11.08 20:03:18 | 000,006,587 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.PropertyElement.html
[2011.11.08 20:03:24 | 000,004,570 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ReferenceElement.html
[2011.11.08 20:03:40 | 000,004,537 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptElement.html
[2011.11.08 20:03:12 | 000,004,592 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ScriptEventHandler.html
[2011.11.08 20:03:30 | 000,004,526 | ---- | M] () -- \Windows.old\Program Files\Oracle\JavaFX 2.0 SDK\docs\api\javafx\fxml\class-use\FXMLLoader.ValueElement.html
[2009.09.25 12:00:00 | 000,001,849 | ---- | M] () -- \Windows.old\Program Files\TuneUp Utilities 2011\data\Integrator\images\panel6\loader.gif
[2009.09.25 12:00:00 | 000,001,849 | ---- | M] () -- \Windows.old\Program Files\TuneUp Utilities 2011\data\TuneUpUtilities.gadget\images\loader.gif
[2009.09.25 12:00:00 | 000,001,849 | ---- | M] () -- \Windows.old\Program Files\Windows Sidebar\Shared Gadgets\TuneUpUtilities.gadget\images\loader.gif
[2009.06.01 23:16:57 | 000,114,688 | ---- | M] () -- \Windows.old\Program Files\WinRAR\RarExtLoader.exe
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\ProgramData\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Windows.old\Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Windows.old\Users\All Users\Skype\Apps\login\images\loader.png
[2012.05.27 22:27:06 | 000,052,743 | ---- | M] () -- \Windows.old\Users\ZK\AppData\Local\SRDownloader.err
[2012.05.28 07:29:19 | 000,001,056 | ---- | M] () -- \Windows.old\Users\ZK\AppData\Local\SRDownloader.nast
[2012.03.27 16:44:20 | 000,000,652 | ---- | M] () -- \Windows.old\Users\ZK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C9MSRJOE\AdLoader[1].htm
[2012.03.27 19:56:34 | 000,904,192 | ---- | M] () -- \Windows.old\Users\ZK\Desktop\SRDownloader.exe
[2009.09.30 16:39:46 | 002,199,375 | R--- | M] () -- \Windows.old\Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 04:15:45 | 000,003,584 | -H-- | M] () -- \Windows.old\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 01:15:12 | 000,038,400 | ---- | M] () -- \Windows.old\Windows\System32\dmloader.dll
[2011.07.15 11:32:40 | 000,012,532 | ---- | M] () -- \Windows.old\Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.15 11:39:18 | 000,009,622 | ---- | M] () -- \Windows.old\Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.02.10 21:00:26 | 000,003,572 | ---- | M] () -- \Windows.old\Windows\System32\Tasks\Launch HTC Sync Loader
[2009.07.14 04:54:01 | 000,003,532 | ---- | M] () -- \Windows.old\Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 07:42:17 | 000,002,883 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 07:42:17 | 000,033,344 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009.07.14 07:42:17 | 000,029,776 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011.05.21 23:19:52 | 000,004,225 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.05.21 23:19:52 | 000,508,904 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.05.21 23:19:52 | 000,442,720 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 02:17:38 | 000,002,894 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:17:38 | 000,017,472 | ---- | M] () -- \Windows.old\Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 07:41:36 | 000,002,883 | ---- | M] () -- \Windows.old\Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 01:47:46 | 000,004,225 | ---- | M] () -- \Windows.old\Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 07:38:48 | 000,004,225 | ---- | M] () -- \Windows.old\Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 07:21:21 | 000,004,225 | ---- | M] () -- \Windows.old\Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 03:02:40 | 000,004,225 | ---- | M] () -- \Windows.old\Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 01:52:31 | 000,002,894 | ---- | M] () -- \Windows.old\Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 01:15:12 | 000,038,400 | ---- | M] () -- \Windows.old\Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 01:03:49 | 000,003,584 | -H-- | M] () -- \Windows.old\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:19:58 | 000,003,584 | ---- | M] () -- \Windows.old\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:12:45 | 000,003,584 | ---- | M] () -- \Windows.old\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:15:45 | 000,003,584 | -H-- | M] () -- \Windows.old\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:36:48 | 000,003,584 | ---- | M] () -- \Windows.old\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2009.07.14 12:25:34 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 01:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 01:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 04:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 08:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 08:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 08:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.10.07 23:47:38 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2012.10.07 23:47:38 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2012.10.07 23:47:38 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2012.10.08 21:15:16 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.10.08 21:15:17 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.10.08 21:15:17 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 02:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 08:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.13 17:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.14 01:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 07:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 07:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 01:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 01:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 01:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 11:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 16:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 04:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 04:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 17:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 16:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 04:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 04:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 17:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 16:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 04:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 01:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 04:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 17:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 16:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 04:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 04:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 05:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

OTL Extras logfile created on: 2.2.2014 16:51:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zdenko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Spojené království | Language: ENG | Date Format: dd/MM/yyyy

1,75 Gb Total Physical Memory | 0,70 Gb Available Physical Memory | 39,87% Memory free
3,50 Gb Paging File | 1,55 Gb Available in Paging File | 44,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 118,10 Gb Total Space | 18,23 Gb Free Space | 15,43% Space Free | Partition Type: NTFS
Drive D: | 114,79 Gb Total Space | 71,90 Gb Free Space | 62,64% Space Free | Partition Type: NTFS
Drive F: | 3,76 Gb Total Space | 3,66 Gb Free Space | 97,45% Space Free | Partition Type: FAT32
Drive G: | 895,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: ZDENKO-PC | User Name: Zdenko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E4378AD-236C-4F6F-840F-C21500290ED3}" = lport=137 | protocol=17 | dir=in | app=system |
"{0E4A54CF-B4F9-48E3-82A5-CBF9843B3903}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{15302E11-F195-4AD0-A067-0CE94F7719FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{245B3A06-155B-49D3-AD45-E3BA9607467C}" = rport=137 | protocol=17 | dir=out | app=system |
"{24C49D42-FC3B-4F5D-895F-667AB0DA4846}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{2A7F4D58-DCA9-4475-A747-DB856A760BDB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C9C5165-0CE7-450E-89F6-F6C91B90B380}" = lport=139 | protocol=6 | dir=in | app=system |
"{34478589-B0C3-485E-9FB6-24BEAF7C51A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4B5CBD6E-E7CE-47E1-864A-E6D46E401E80}" = rport=139 | protocol=6 | dir=out | app=system |
"{6FFD6F62-079B-4E4B-860D-13EFD6385C7C}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A1CB063-23AF-4258-B934-3C044D27D1F7}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{9A824468-FB0B-42FE-9F10-83E2ADE80416}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA413071-44A4-4E01-9AAE-3B64338882B6}" = lport=138 | protocol=17 | dir=in | app=system |
"{BBE29ADB-AD2D-4C6F-AF41-7D4FCA5C0A41}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{CD0D273D-2777-494B-8CF2-4319303EE90A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D59B406B-34AB-4179-B73E-BC0DD27BA5CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5A64265-202C-4FD4-998F-35178CBFC46A}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{D6933AB8-D3BA-4D0B-8624-BBCFF7B89BC7}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{F0981E73-7AC2-4114-BD45-6B1F69DDE945}" = rport=138 | protocol=17 | dir=out | app=system |
"{FDAD217E-723F-4E76-8B11-923B99E54D6D}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{078558CB-9C53-4A14-B820-513C3B91F435}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1A921682-F0FD-43DA-B734-F2D1B7C730AE}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{1EE400D8-15CB-41CC-84FE-8B1C2345EC52}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{28777E14-327D-48A5-B756-CEEFC9132308}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2DC77CF7-D229-42DC-88AA-45FACC6DCE60}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{334A6A32-8C5A-4BAC-9B28-DED97C1D6F38}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{44486436-2EDD-441D-B900-C11926713598}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5AB5969E-8BDB-4FD3-9D0C-8D68A1D881CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5B8ED019-9D5C-466A-B2D2-5CCE2329F9EF}" = protocol=6 | dir=in | app=c:\users\zdenko\appdata\roaming\dropbox\bin\dropbox.exe |
"{607B7344-B20C-4431-AB6E-D2F485FA229E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{62A1E43C-817C-4DA1-BA99-2469AE4C4F9A}" = protocol=6 | dir=in | app=c:\program files\remote mouse\remotemouse.exe |
"{673F2748-019F-4A8D-A2A7-40FE3D64253E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{719AFAE0-0718-4BEB-93AC-A79DFE38BBDE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{74BCFDC7-D18A-4EF7-AA48-A4A16BF0D111}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{900AF93E-36AE-4877-8A86-5E027B8137ED}" = protocol=6 | dir=in | app=c:\program files\movies toolbar\safetynut\srtool~1\ie\dtuser.exe |
"{990A0E5C-8CD1-45C0-9B94-186C55CECE98}" = protocol=17 | dir=in | app=c:\program files\remote mouse\remotemouse.exe |
"{9F1F902A-AE61-4B47-AA36-32940D7AE6B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B4A73B64-D12D-4CBF-A125-D30DE8061C20}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{CF2CFF21-88CD-4B26-82CD-F2FC2885A28D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{E910C11A-3912-492E-AF1A-8B8A0067ACF2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F57CD0CE-16C6-4A4F-A08C-3EDFA5D39FC3}" = protocol=17 | dir=in | app=c:\program files\movies toolbar\safetynut\srtool~1\ie\dtuser.exe |
"{F804D91C-5111-4059-BDBC-8D2C308AB1D0}" = protocol=17 | dir=in | app=c:\users\zdenko\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{12FF28E5-34A8-426F-B903-65943EE2FB29}C:\users\zdenko\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\zdenko\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{75C1E9D9-2E96-4736-B4CE-3D0A2E42B99A}C:\program files\remote mouse\remotemouse.exe" = protocol=6 | dir=in | app=c:\program files\remote mouse\remotemouse.exe |
"TCP Query User{8AB2D864-E4E5-4F4B-A371-4D4C07E8E637}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{B5B296BD-8A77-476C-9788-85AD668CD326}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{155BAAB1-F44A-4FE0-8052-F7F371A1ED22}C:\users\zdenko\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\zdenko\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{A33E726A-497C-4722-87C3-6BA1099158BC}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{CD4BEA38-BD12-4631-95BC-5ADB19DC241C}C:\program files\remote mouse\remotemouse.exe" = protocol=17 | dir=in | app=c:\program files\remote mouse\remotemouse.exe |
"UDP Query User{CFEF6890-9ADC-4AD5-9B23-5EC3C97FAE27}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{1B746E6D-C652-29E9-0595-CBA512C3906D}_is1" = RegCurePro pln verze zdarma version for Windows
"{220C463A-2890-4C7F-B97C-C49FE175B849}" = OpenOffice 4.0.1
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B52A4B7-5B8B-4105-9EBD-1755922EEE45}_is1" = bitcoinLibertagia version 1.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C547F361-5750-4CD1-9FB6-BC93827CB6C1}" = RegCure Pro
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f2acc0b9-a0cc-479e-b8f1-4b845f7e16b5}" =
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 5.0 Limited Edition" = Adobe Photoshop 5.0 Limited Edition
"aTube Catcher" = aTube Catcher
"BSPlayerf" = BS.Player FREE
"DAEMON Tools Ultra" = DAEMON Tools Ultra
"FormatFactory" = FormatFactory 3.00
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Thunderbird 24.2.0 (x86 en-GB)" = Mozilla Thunderbird 24.2.0 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 12.16.1860" = Opera 12.16
"VLC media player" = VLC media player 2.0.3
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1428903961-783849649-1519604710-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1.2.2014 13:28:55 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 1.2.2014 13:28:57 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:08:12 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:23:47 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:23:52 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:23:53 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:23:53 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:23:55 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:23:55 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:23:57 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 5:25:46 | Computer Name = Zdenko-PC | Source = MsiInstaller | ID = 11311
Description =

Error - 2.2.2014 7:56:31 | Computer Name = Zdenko-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\Microsoft Office\Office14\MSACCESS.EXE.Manifest
se nezdarilo. Závislé sestavení AceDAO,language="&#x2a;",processorArchitecture="X86",type="win32",version="14.0.0.0"
nelze najít. Podrobnejší diagnostické údaje získáte pomocí programu sxstrace.exe.

[ System Events ]
Error - 14.3.2013 12:01:30 | Computer Name = Zdenko-PC | Source = ipnathlp | ID = 30013
Description =

Error - 14.3.2013 15:49:47 | Computer Name = Zdenko-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybe: 10. Stav interní
chyby: 10

Error - 14.3.2013 18:43:58 | Computer Name = Zdenko-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybe: 10. Stav interní
chyby: 10

Error - 14.3.2013 18:56:15 | Computer Name = Zdenko-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybe: 10. Stav interní
chyby: 10

Error - 16.3.2013 6:53:59 | Computer Name = Zdenko-PC | Source = ipnathlp | ID = 30013
Description =

Error - 17.3.2013 13:27:00 | Computer Name = Zdenko-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybe: 10. Stav interní
chyby: 10

Error - 18.3.2013 6:42:47 | Computer Name = Zdenko-PC | Source = EventLog | ID = 6008
Description = Predchozí vypnutí systému (10:41:28, ?18/?03/?2013) bylo neocekávané.

Error - 18.3.2013 6:43:44 | Computer Name = Zdenko-PC | Source = DCOM | ID = 10010
Description =

Error - 18.3.2013 6:43:55 | Computer Name = Zdenko-PC | Source = ipnathlp | ID = 30013
Description =

Error - 18.3.2013 17:39:46 | Computer Name = Zdenko-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybe: 10. Stav interní
chyby: 10


< End of report >

Tak to mate dobreho kamarada, kdyz Vam sice zmeni system, ale zcela evidentne Vam tam da nelegalni a tim Vas vedomne vystavi riziku tretsniho stihani.

A ty nelegalni Office ma na svedomi asi taky on ze

Ale jak se tam divam, tak to prvni problem s legalitou Vaseho systemu zde - treba zde jste jiz mel nelegal tez http://forum.viry.cz/viewtopic.php?f=13 ... 9#p1037583


Ale jak bylo receno kolegou, nelegalnimi systemy se tu nezabyvame...

Dobre teda, ako teraz zlegalizujem moj windows?

V prve rade, vyplati se vam legalizovat tuto verzi, jejiz cena zacina na 6 - 8 tisicich

Poku ano, tak se obratte na podporu microsoftu, kteri poradi jak nyni postupovat

Ale ja bych spise se priklonil k reinstalu na beznou verzi Home Premium

Takze ak by som si kupil WINDOWS 7 HOME PREMIUM BASIC 32 & 64 BIT RE-INSTALL & RECOVERY DISC tak dokazem svoj povodne zakupeny s Notebookom win 7 Home Premium dostat nazad? Stale mam nalepku product key na spodku laptopu

Pokud mate nalepku, tak je to o to snazsi a nemusite nic kupovat...Satci si jen kdekoliv pujcit instalacni DVD s danou verzi, provest instalaci a pak pouzit sve seriove cislo, ktere mate na nalepce.

Dakujem, moc ste mi pomohli. Konecne budem mat nazad svoj legalny windows.

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat