VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by lucason3 at 2014-05-20 08:43:36
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 4 GB (7%) free of 50 GB
Total RAM: 3994 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:43:38, on 20. 5. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Users\lucason3\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files\trend micro\lucason3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 1CC0711607}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [Google Update] "C:\Users\lucason3\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BitTorrent Sync] "C:\Program Files (x86)\BitTorrent Sync\BTSync.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - D:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - D:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - D:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9927 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"D:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"D:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\Mobogenie\MgAssist.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"D:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\AUDIODG.EXE 0x7fc
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"D:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Users\lucason3\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files (x86)\COMODO\GeekBuddy\unit" "\"C:/Program Files (x86)/COMODO/GeekBuddy/lps-cspm\""
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=524.dbd7df0.1354217292 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 524 "\\.\pipe\gecko-crash-server-pipe.524" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash3400.6A486010.3519 --host-broker-channel=Flash3400.6A486010.9618 --host-pid=3400 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=1320.0015F464.356589685 --proxy-stub-channel=Flash3400.6A486010.3519 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\sppsvc.exe
"C:\Users\lucason3\Desktop\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=d:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\AdobeReader\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\extensions\
AppGraffiti@AppGraffiti.com

C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\searchplugins\
yahoo-zugo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-10 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-10 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-10 415256]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-10-23 1424896]
"LogMeIn GUI"=D:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2012-04-02 57928]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\lucason3\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-15 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10 20922016]
"BitTorrent Sync"=C:\Program Files (x86)\BitTorrent Sync\BTSync.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"GrooveMonitor"=D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [2014-01-24 775872]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-05-05 2327248]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files (x86)\COMODO\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-29 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-20 08:40:14 ----D---- C:\Program Files\trend micro
2014-05-20 08:40:13 ----D---- C:\rsit
2014-05-19 08:40:26 ----D---- C:\ProgramData\Comodo Downloader
2014-05-19 08:40:06 ----D---- C:\ProgramData\Shared Space
2014-05-19 08:40:02 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2014-05-19 08:40:02 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2014-05-19 08:40:02 ----A---- C:\Windows\system32\cmdvrt64.dll
2014-05-19 08:40:02 ----A---- C:\Windows\system32\cmdkbd64.dll
2014-05-18 15:07:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-18 14:46:58 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-05-18 14:46:45 ----D---- C:\ProgramData\Malwarebytes
2014-05-18 14:46:45 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-18 14:46:45 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-05-18 14:46:45 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-05-18 14:46:45 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-05-18 14:34:43 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-18 14:34:43 ----A---- C:\Windows\system32\mshtml.dll
2014-05-18 14:34:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-18 14:34:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-18 11:08:59 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-05-18 11:08:58 ----A---- C:\Windows\system32\WMPhoto.dll
2014-05-18 11:08:56 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-05-18 11:08:56 ----A---- C:\Windows\system32\d3d10warp.dll
2014-05-18 11:08:55 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-05-18 11:08:55 ----A---- C:\Windows\system32\d2d1.dll
2014-05-18 11:07:02 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-05-18 11:07:02 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-05-18 11:06:57 ----A---- C:\Windows\system32\spoolsv.exe
2014-05-18 11:06:57 ----A---- C:\Windows\splwow64.exe
2014-05-18 10:16:52 ----SD---- C:\Windows\system32\CompatTel
2014-05-18 01:52:37 ----A---- C:\Windows\system32\wmploc.DLL
2014-05-18 01:52:36 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-05-18 01:52:36 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-05-18 01:52:35 ----A---- C:\Windows\system32\wmp.dll
2014-05-18 01:41:39 ----D---- C:\Windows\Migration
2014-05-18 01:31:40 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-05-18 01:26:12 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-05-18 01:26:05 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-05-18 01:26:05 ----A---- C:\Windows\system32\elshyph.dll
2014-05-18 01:26:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-05-18 01:26:04 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-05-18 01:26:04 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-05-18 01:26:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-05-18 01:26:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-05-18 01:26:03 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-05-18 01:26:03 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-05-18 01:26:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-05-18 01:26:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-05-18 01:26:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-05-18 01:26:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-05-18 01:26:00 ----A---- C:\Windows\SYSWOW64\url.dll
2014-05-18 01:26:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-05-18 01:26:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-05-18 01:26:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-05-18 01:26:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-05-18 01:25:59 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-05-18 01:25:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-05-18 01:25:59 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-05-18 01:25:59 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-05-18 01:25:58 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-05-18 01:25:58 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-05-18 01:25:58 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-05-18 01:25:58 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-05-18 01:25:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-05-18 01:25:57 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-05-18 01:25:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-05-18 01:25:56 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-05-18 01:25:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-05-18 01:25:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-05-18 01:25:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-05-18 01:25:54 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-05-18 01:25:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-05-18 01:25:54 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-05-18 01:25:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-05-18 01:25:53 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-05-18 01:25:53 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-05-18 01:25:53 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-05-18 01:25:53 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-05-18 01:25:52 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-05-18 01:25:52 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-05-18 01:25:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-05-18 01:25:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-05-18 01:25:51 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-05-18 01:25:46 ----A---- C:\Windows\system32\wininet.dll
2014-05-18 01:25:46 ----A---- C:\Windows\system32\urlmon.dll
2014-05-18 01:25:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-18 01:25:46 ----A---- C:\Windows\system32\msls31.dll
2014-05-18 01:25:46 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-18 01:25:46 ----A---- C:\Windows\system32\jsIntl.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\wextract.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\webcheck.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\vbscript.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\url.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\pngfilt.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\occache.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\msrating.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\mshtmler.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\mshta.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\msfeedssync.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\licmgr10.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\jscript9.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\jscript.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\inseng.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\imgutil.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\iexpress.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieui.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\iesysprep.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\iesetup.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\iertutil.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\iernonce.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\iepeers.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieframe.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\iedkcs32.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ieapfltr.dat
2014-05-18 01:25:45 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-18 01:25:45 ----A---- C:\Windows\system32\icardie.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-18 01:25:45 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-18 01:22:01 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-18 01:22:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-18 01:22:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-18 01:22:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-18 01:22:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-18 01:22:00 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-18 01:22:00 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-05-18 01:22:00 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-05-18 01:22:00 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-05-18 01:22:00 ----A---- C:\Windows\system32\XpsPrint.dll
2014-05-18 01:22:00 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-05-18 01:22:00 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-05-18 01:21:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2014-05-18 01:21:59 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-05-18 01:21:59 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2014-05-18 01:21:59 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2014-05-18 01:21:59 ----A---- C:\Windows\system32\FntCache.dll
2014-05-18 01:21:59 ----A---- C:\Windows\system32\dxgi.dll
2014-05-18 01:21:58 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-05-18 01:21:58 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-05-18 01:21:58 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-05-18 01:21:58 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-05-18 01:21:58 ----A---- C:\Windows\system32\DWrite.dll
2014-05-18 01:21:58 ----A---- C:\Windows\system32\d3d10core.dll
2014-05-18 01:21:58 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-05-18 01:21:58 ----A---- C:\Windows\system32\d3d10_1.dll
2014-05-18 01:21:58 ----A---- C:\Windows\system32\d3d10.dll
2014-05-18 01:21:57 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2014-05-18 01:21:57 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-05-18 01:21:57 ----A---- C:\Windows\system32\d3d10level9.dll
2014-05-18 01:21:56 ----A---- C:\Windows\system32\UIAnimation.dll
2014-05-18 00:06:33 ----D---- C:\Windows\system32\MRT
2014-05-17 23:55:09 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-05-17 23:55:09 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-05-17 23:55:09 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-05-17 23:55:09 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-05-17 23:55:09 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-05-17 23:55:08 ----A---- C:\Windows\system32\WUDFx.dll
2014-05-17 23:55:08 ----A---- C:\Windows\system32\WUDFHost.exe
2014-05-17 18:03:17 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-05-17 18:03:17 ----A---- C:\Windows\system32\d3d11.dll
2014-05-17 18:02:22 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-05-17 18:02:22 ----A---- C:\Windows\system32\msieftp.dll
2014-05-17 18:02:19 ----A---- C:\Windows\system32\wwansvc.dll
2014-05-17 18:02:19 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-05-17 18:02:15 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-05-17 18:02:15 ----A---- C:\Windows\system32\comctl32.dll
2014-05-17 18:02:02 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-05-17 18:02:02 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-05-17 18:02:02 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-05-17 18:02:02 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-05-17 18:01:57 ----A---- C:\Windows\system32\mstscax.dll
2014-05-17 18:01:56 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-05-17 18:01:56 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-05-17 18:01:55 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-05-17 18:01:55 ----A---- C:\Windows\system32\tsgqec.dll
2014-05-17 18:01:55 ----A---- C:\Windows\system32\aaclient.dll
2014-05-17 18:01:49 ----A---- C:\Windows\system32\shell32.dll
2014-05-17 18:01:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-17 18:01:46 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-05-17 18:01:46 ----A---- C:\Windows\system32\wintrust.dll
2014-05-17 18:01:34 ----A---- C:\Windows\system32\aepdu.dll
2014-05-17 18:01:34 ----A---- C:\Windows\system32\aeinv.dll
2014-05-17 18:01:30 ----A---- C:\Windows\system32\consent.exe
2014-05-17 18:01:30 ----A---- C:\Windows\system32\appinfo.dll
2014-05-17 18:00:59 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-05-17 18:00:59 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-05-17 18:00:59 ----A---- C:\Windows\system32\cryptsvc.dll
2014-05-17 18:00:59 ----A---- C:\Windows\system32\cryptnet.dll
2014-05-17 18:00:59 ----A---- C:\Windows\system32\crypt32.dll
2014-05-17 18:00:58 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-05-17 18:00:54 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-05-17 18:00:54 ----A---- C:\Windows\system32\wer.dll
2014-05-17 18:00:53 ----A---- C:\Windows\system32\imagehlp.dll
2014-05-17 18:00:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-05-17 18:00:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-05-17 18:00:51 ----A---- C:\Windows\system32\tzres.dll
2014-05-17 18:00:43 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-05-17 18:00:43 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-05-17 18:00:43 ----A---- C:\Windows\system32\msxml3r.dll
2014-05-17 18:00:43 ----A---- C:\Windows\system32\msxml3.dll
2014-05-17 18:00:03 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-05-17 18:00:03 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-05-17 18:00:03 ----A---- C:\Windows\system32\drivers\afd.sys
2014-05-17 18:00:02 ----A---- C:\Windows\system32\win32k.sys
2014-05-17 18:00:01 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-05-17 17:59:58 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-05-17 17:59:58 ----A---- C:\Windows\SYSWOW64\credui.dll
2014-05-17 17:59:58 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-05-17 17:59:58 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-17 17:59:58 ----A---- C:\Windows\system32\credui.dll
2014-05-17 17:59:58 ----A---- C:\Windows\system32\authui.dll
2014-05-17 17:59:53 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-05-17 17:59:53 ----A---- C:\Windows\system32\atmlib.dll
2014-05-17 17:59:53 ----A---- C:\Windows\system32\atmfd.dll
2014-05-17 17:59:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-05-17 17:59:52 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-05-17 17:59:52 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-05-17 17:59:52 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-05-17 17:59:52 ----A---- C:\Windows\system32\lpk.dll
2014-05-17 17:59:52 ----A---- C:\Windows\system32\fontsub.dll
2014-05-17 17:59:52 ----A---- C:\Windows\system32\dciman32.dll
2014-05-17 17:59:50 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-05-17 17:59:50 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-05-17 17:59:50 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-05-17 17:59:50 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-05-17 17:59:50 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-05-17 17:59:50 ----A---- C:\Windows\system32\secproc_isv.dll
2014-05-17 17:59:50 ----A---- C:\Windows\system32\secproc.dll
2014-05-17 17:59:50 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-17 17:59:50 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-05-17 17:59:50 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-05-17 17:59:50 ----A---- C:\Windows\system32\RMActivate.exe
2014-05-17 17:59:50 ----A---- C:\Windows\system32\msdrm.dll
2014-05-17 17:59:49 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-05-17 17:59:49 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-05-17 17:59:49 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-05-17 17:59:49 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-05-17 17:59:49 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-05-17 17:59:49 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-05-17 17:59:37 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-05-17 17:59:37 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-05-17 17:59:37 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-05-17 17:59:37 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-05-17 17:59:37 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-05-17 17:59:37 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-05-17 17:59:37 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-05-17 17:54:43 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2014-05-17 17:54:43 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-05-17 17:54:41 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-05-17 17:54:40 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-05-17 17:54:40 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-05-17 17:54:33 ----A---- C:\Windows\system32\Wdfres.dll
2014-05-17 17:54:33 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-05-17 17:54:33 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-05-17 17:54:31 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-05-17 17:54:31 ----A---- C:\Windows\system32\rpcrt4.dll
2014-05-17 17:54:30 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-05-17 17:54:30 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-05-17 17:54:30 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2014-05-17 17:54:29 ----A---- C:\Windows\system32\msxml6.dll
2014-05-17 17:54:28 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-05-17 17:54:26 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-05-17 17:54:26 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2014-05-17 17:54:26 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2014-05-17 17:54:26 ----A---- C:\Windows\system32\nlasvc.dll
2014-05-17 17:54:26 ----A---- C:\Windows\system32\netcorehc.dll
2014-05-17 17:54:26 ----A---- C:\Windows\system32\ncsi.dll
2014-05-17 17:54:26 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-05-17 17:54:25 ----A---- C:\Windows\SYSWOW64\netevent.dll
2014-05-17 17:54:25 ----A---- C:\Windows\system32\nlaapi.dll
2014-05-17 17:54:25 ----A---- C:\Windows\system32\netevent.dll
2014-05-17 17:54:25 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-05-17 17:54:19 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-05-17 17:54:19 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-05-17 17:53:58 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-05-17 17:53:58 ----A---- C:\Windows\system32\WebClnt.dll
2014-05-17 17:53:57 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-05-17 17:53:57 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-05-17 17:53:57 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-05-17 17:53:57 ----A---- C:\Windows\system32\dpnet.dll
2014-05-17 17:53:57 ----A---- C:\Windows\system32\davclnt.dll
2014-05-17 17:53:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-17 17:53:47 ----A---- C:\Windows\system32\schannel.dll
2014-05-17 17:53:47 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-17 17:53:47 ----A---- C:\Windows\system32\kerberos.dll
2014-05-17 17:53:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-17 17:53:46 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-17 17:53:46 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-17 17:53:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-17 17:53:45 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-17 17:53:45 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-17 17:53:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-05-17 17:53:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-17 17:53:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-17 17:53:45 ----A---- C:\Windows\system32\winlogon.exe
2014-05-17 17:53:45 ----A---- C:\Windows\system32\wdigest.dll
2014-05-17 17:53:45 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-17 17:53:45 ----A---- C:\Windows\system32\objsel.dll
2014-05-17 17:53:45 ----A---- C:\Windows\system32\ncrypt.dll
2014-05-17 17:53:45 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-17 17:53:45 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-17 17:53:45 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-17 17:53:45 ----A---- C:\Windows\system32\drivers\cng.sys
2014-05-17 17:53:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-17 17:53:44 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-17 17:53:44 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-17 17:53:44 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-17 17:53:44 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-17 17:53:44 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-17 17:53:44 ----A---- C:\Windows\system32\smss.exe
2014-05-17 17:53:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-17 17:53:44 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-17 17:53:44 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-17 17:53:44 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-17 17:53:44 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-17 17:53:44 ----A---- C:\Windows\system32\adprovider.dll
2014-05-17 17:53:43 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-17 17:53:43 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-17 17:53:43 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-17 17:53:43 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-17 17:53:43 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-17 17:53:43 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-17 17:53:43 ----A---- C:\Windows\system32\sspicli.dll
2014-05-17 17:53:43 ----A---- C:\Windows\system32\secur32.dll
2014-05-17 17:53:43 ----A---- C:\Windows\system32\lsass.exe
2014-05-17 17:53:43 ----A---- C:\Windows\system32\csrsrv.dll
2014-05-17 17:53:43 ----A---- C:\Windows\system32\credssp.dll
2014-05-17 17:53:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-05-17 17:53:42 ----A---- C:\Windows\system32\apisetschema.dll
2014-05-17 17:53:33 ----A---- C:\Windows\system32\OxpsConverter.exe
2014-05-17 17:53:30 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-05-17 17:53:30 ----A---- C:\Windows\system32\usp10.dll
2014-05-17 17:53:27 ----A---- C:\Windows\system32\rdpcorets.dll
2014-05-17 17:53:27 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-05-17 17:53:26 ----A---- C:\Windows\system32\mswsock.dll
2014-05-17 17:53:25 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-05-17 17:53:20 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-05-17 17:53:20 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-05-17 17:53:20 ----A---- C:\Windows\system32\Wpc.dll
2014-05-17 17:53:20 ----A---- C:\Windows\system32\gameux.dll
2014-05-17 17:52:09 ----A---- C:\Windows\system32\tdh.dll
2014-05-17 17:52:09 ----A---- C:\Windows\system32\ntdll.dll
2014-05-17 17:52:09 ----A---- C:\Windows\system32\advapi32.dll
2014-05-17 17:52:08 ----A---- C:\Windows\SYSWOW64\tdh.dll
2014-05-17 17:52:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-05-17 17:52:08 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-05-17 17:52:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-05-17 17:52:06 ----A---- C:\Windows\system32\drivers\netio.sys
2014-05-17 17:51:24 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-05-17 17:51:24 ----A---- C:\Windows\system32\iologmsg.dll
2014-05-17 17:51:24 ----A---- C:\Windows\system32\drivers\storport.sys
2014-05-17 17:51:24 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-05-17 17:51:24 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-05-17 17:51:20 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-05-17 17:51:20 ----A---- C:\Windows\system32\synceng.dll
2014-05-17 17:51:13 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-05-17 17:51:13 ----A---- C:\Windows\system32\shdocvw.dll
2014-05-17 17:51:06 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-05-17 17:51:06 ----A---- C:\Windows\system32\win32spl.dll
2014-05-17 17:51:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-05-17 17:51:01 ----A---- C:\Windows\system32\gdi32.dll
2014-05-17 17:50:59 ----A---- C:\Windows\system32\taskhost.exe
2014-05-17 17:50:58 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-05-17 17:50:58 ----A---- C:\Windows\system32\qedit.dll
2014-05-17 17:50:55 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-17 17:50:55 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-17 17:50:47 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2014-05-17 17:50:47 ----A---- C:\Windows\system32\cryptdlg.dll
2014-05-17 17:50:34 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-05-17 17:50:32 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-05-17 17:50:32 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-05-17 17:50:32 ----A---- C:\Windows\system32\netapi32.dll
2014-05-17 17:50:32 ----A---- C:\Windows\system32\browser.dll
2014-05-17 17:50:32 ----A---- C:\Windows\system32\browcli.dll
2014-05-17 17:50:31 ----A---- C:\Windows\system32\kernel32.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-17 17:50:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-17 17:50:30 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-05-17 17:50:30 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-05-17 17:50:30 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-05-17 17:50:30 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-05-17 17:50:30 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-05-17 17:50:30 ----A---- C:\Windows\system32\wow64win.dll
2014-05-17 17:50:30 ----A---- C:\Windows\system32\wow64cpu.dll
2014-05-17 17:50:30 ----A---- C:\Windows\system32\wow64.dll
2014-05-17 17:50:30 ----A---- C:\Windows\system32\winsrv.dll
2014-05-17 17:50:30 ----A---- C:\Windows\system32\ntvdm64.dll
2014-05-17 17:50:30 ----A---- C:\Windows\system32\conhost.exe
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-17 17:50:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-17 17:50:29 ----A---- C:\Windows\SYSWOW64\user.exe
2014-05-17 17:50:28 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-05-17 17:50:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-05-17 17:50:27 ----A---- C:\Windows\system32\srcore.dll
2014-05-17 17:50:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-05-17 17:50:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-05-17 17:50:21 ----A---- C:\Windows\system32\certutil.exe
2014-05-17 17:50:21 ----A---- C:\Windows\system32\certenc.dll
2014-05-17 17:50:20 ----A---- C:\Windows\SYSWOW64\certenc.dll
2014-05-17 17:49:48 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-05-17 17:49:48 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-05-17 17:49:48 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-05-17 17:49:48 ----A---- C:\Windows\system32\wscript.exe
2014-05-17 17:49:48 ----A---- C:\Windows\system32\scrrun.dll
2014-05-17 17:49:48 ----A---- C:\Windows\system32\cscript.exe
2014-05-17 17:49:44 ----A---- C:\Windows\system32\localspl.dll
2014-05-17 17:49:43 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-05-17 17:49:43 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-05-17 17:49:43 ----A---- C:\Windows\system32\cdd.dll
2014-05-17 17:49:18 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-05-17 17:49:18 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-05-17 17:49:18 ----A---- C:\Windows\system32\nshwfp.dll
2014-05-17 17:49:18 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-05-17 17:49:18 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-05-17 17:37:13 ----A---- C:\Windows\system32\scavengeui.dll
2014-05-12 11:20:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-04-29 17:10:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2014-05-20 08:42:01 ----D---- C:\Windows\Prefetch
2014-05-20 08:40:14 ----RD---- C:\Program Files
2014-05-20 08:34:46 ----D---- C:\Users\lucason3\AppData\Roaming\Skype
2014-05-20 08:13:10 ----D---- C:\Windows\system32\config
2014-05-20 08:01:17 ----D---- C:\Windows\Temp
2014-05-20 07:58:25 ----D---- C:\ProgramData\LogMeIn
2014-05-20 07:58:07 ----D---- C:\Windows\SysWOW64
2014-05-20 07:58:07 ----D---- C:\Windows\System32
2014-05-19 17:40:22 ----SHD---- C:\System Volume Information
2014-05-19 14:28:27 ----D---- C:\Windows\rescache
2014-05-19 08:40:26 ----HD---- C:\ProgramData
2014-05-19 08:40:16 ----D---- C:\Windows\system32\Tasks
2014-05-18 21:44:06 ----D---- C:\Users\lucason3\AppData\Roaming\vlc
2014-05-18 17:23:16 ----D---- C:\Windows\inf
2014-05-18 17:23:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-18 15:35:14 ----D---- C:\Windows\Microsoft.NET
2014-05-18 15:13:33 ----SHD---- C:\Windows\Installer
2014-05-18 15:08:59 ----D---- C:\Windows\winsxs
2014-05-18 15:08:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-05-18 15:08:57 ----D---- C:\Windows\system32\sk-SK
2014-05-18 15:08:52 ----D---- C:\Windows\system32\catroot
2014-05-18 15:08:51 ----D---- C:\Windows\system32\catroot2
2014-05-18 15:07:08 ----RD---- C:\Program Files (x86)
2014-05-18 15:07:08 ----D---- C:\Program Files (x86)\SweetIM
2014-05-18 14:46:58 ----D---- C:\Windows\system32\drivers
2014-05-18 14:36:09 ----D---- C:\Windows
2014-05-18 14:31:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-05-18 12:34:07 ----RSD---- C:\Windows\assembly
2014-05-18 10:17:01 ----D---- C:\Program Files\Windows Media Player
2014-05-18 10:17:01 ----D---- C:\Program Files (x86)\Windows Media Player
2014-05-18 10:17:00 ----D---- C:\Windows\SYSWOW64\en-US
2014-05-18 10:17:00 ----D---- C:\Windows\system32\en-US
2014-05-18 10:16:57 ----D---- C:\Windows\SYSWOW64\migration
2014-05-18 10:16:57 ----D---- C:\Program Files\Internet Explorer
2014-05-18 10:16:57 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-18 10:16:56 ----D---- C:\Windows\system32\migration
2014-05-18 10:16:56 ----D---- C:\Windows\PolicyDefinitions
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\zh-TW
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\zh-HK
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\zh-CN
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\tr-TR
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\sv-SE
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\ru-RU
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\pt-PT
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\pt-BR
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\pl-PL
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\nb-NO
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\ko-KR
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\ja-JP
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\it-IT
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\hu-HU
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\fr-FR
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\fi-FI
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\es-ES
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\el-GR
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\de-DE
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\da-DK
2014-05-18 10:16:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-05-18 10:16:53 ----D---- C:\Windows\system32\zh-TW
2014-05-18 10:16:53 ----D---- C:\Windows\system32\zh-HK
2014-05-18 10:16:53 ----D---- C:\Windows\system32\zh-CN
2014-05-18 10:16:53 ----D---- C:\Windows\system32\tr-TR
2014-05-18 10:16:53 ----D---- C:\Windows\system32\sv-SE
2014-05-18 10:16:53 ----D---- C:\Windows\system32\ru-RU
2014-05-18 10:16:53 ----D---- C:\Windows\system32\pt-PT
2014-05-18 10:16:53 ----D---- C:\Windows\system32\pt-BR
2014-05-18 10:16:53 ----D---- C:\Windows\system32\pl-PL
2014-05-18 10:16:53 ----D---- C:\Windows\system32\nl-NL
2014-05-18 10:16:53 ----D---- C:\Windows\system32\nb-NO
2014-05-18 10:16:53 ----D---- C:\Windows\system32\ko-KR
2014-05-18 10:16:53 ----D---- C:\Windows\system32\ja-JP
2014-05-18 10:16:53 ----D---- C:\Windows\system32\it-IT
2014-05-18 10:16:53 ----D---- C:\Windows\system32\hu-HU
2014-05-18 10:16:53 ----D---- C:\Windows\system32\fr-FR
2014-05-18 10:16:53 ----D---- C:\Windows\system32\fi-FI
2014-05-18 10:16:53 ----D---- C:\Windows\system32\es-ES
2014-05-18 10:16:53 ----D---- C:\Windows\system32\el-GR
2014-05-18 10:16:53 ----D---- C:\Windows\system32\de-DE
2014-05-18 10:16:53 ----D---- C:\Windows\system32\da-DK
2014-05-18 10:16:53 ----D---- C:\Windows\system32\cs-CZ
2014-05-18 10:16:52 ----D---- C:\Windows\AppPatch
2014-05-18 10:16:47 ----D---- C:\Windows\system32\drivers\en-US
2014-05-18 10:16:47 ----D---- C:\Program Files\Windows Defender
2014-05-18 10:16:47 ----D---- C:\Program Files (x86)\Windows Defender
2014-05-18 10:16:45 ----D---- C:\Windows\system32\wbem
2014-05-18 10:16:37 ----RSD---- C:\Windows\Fonts
2014-05-18 10:16:37 ----D---- C:\Program Files\Windows Journal
2014-05-18 10:16:27 ----D---- C:\Windows\system32\DriverStore
2014-05-18 01:41:39 ----SD---- C:\ProgramData\Microsoft
2014-05-18 01:31:40 ----D---- C:\Windows\Logs
2014-05-14 15:10:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-13 14:48:39 ----D---- C:\Users\lucason3\AppData\Roaming\uTorrent
2014-05-13 10:21:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 21:52:25 ----D---- C:\Program Files (x86)\Common Files
2014-05-04 17:12:44 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\D:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-05-30 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2012-04-02 72216]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2010-04-07 290008]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-29 10610400]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2012-04-02 11552]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-10-23 535040]
S1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-05-05 70864]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-05-05 2327248]
R2 LMIGuardianSvc;LMIGuardianSvc; D:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2014-04-18 376144]
R2 LMIMaint;LogMeIn Maintenance Service; D:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2014-04-18 226640]
R2 LogMeIn;LogMeIn; D:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2012-04-02 407424]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MgAssistService;MgAssist Service; C:\Program Files (x86)\Mobogenie\MgAssist.exe [2014-01-24 63168]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2011-10-23 309760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-16 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-16 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-18 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-15 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL Extras logfile created on: 20. 5. 2014 18:56:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lucason3\Desktop\OTL
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,90 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,37% Memory free
7,80 Gb Paging File | 5,71 Gb Available in Paging File | 73,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 3,04 Gb Free Space | 6,24% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 42,25 Gb Free Space | 86,54% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 0,51 Gb Free Space | 0,59% Space Free | Partition Type: NTFS

Computer Name: HAZINPC | User Name: lucason3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0432C56E-7A54-466F-B087-63A34E6FE361}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{04ECE261-5B2A-40CD-B7DB-93300963FA69}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0ABAC8A0-8F9B-4189-8D0B-5E6D44828A17}" = lport=2869 | protocol=6 | dir=in | app=system |
"{22011B18-D5A7-4186-9C18-611BC877F44A}" = rport=138 | protocol=17 | dir=out | app=system |
"{5700F51C-07D0-4449-9557-83EEBAFBB0AA}" = lport=445 | protocol=6 | dir=in | app=system |
"{62A30C41-1706-4083-88EC-CE617C048869}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{661A0424-4BED-4AFB-9C6F-E06CC9643E76}" = rport=137 | protocol=17 | dir=out | app=system |
"{817EBE9A-EF70-4A31-B1BC-C35790488D54}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82CAD138-2D2C-4039-8A1C-ABB94B42AA7C}" = lport=137 | protocol=17 | dir=in | app=system |
"{839460D2-11B6-4EAB-A74C-F22CBAF4DC49}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E5F6854-71E4-465C-A868-17927D2B64E4}" = rport=445 | protocol=6 | dir=out | app=system |
"{9487C407-DEFB-49AC-B10D-83294139220C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A08B2041-158A-4BAA-A7FC-EB2DB9B55D1F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A57A0AF6-D137-42C1-928D-7C0C441F9FCF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A7033581-91F9-449F-A918-D38417CCD968}" = lport=139 | protocol=6 | dir=in | app=system |
"{A9246EF0-A49D-49A6-AB88-21FCF443CD26}" = rport=139 | protocol=6 | dir=out | app=system |
"{AA50CD1E-F479-41D5-8BFE-D01AD2575A22}" = lport=6004 | protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\outlook.exe |
"{BD4E2368-8639-4580-BC25-9F55E8CDD2BB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CB0742EA-C9BC-45C7-95A8-5332321797F5}" = lport=138 | protocol=17 | dir=in | app=system |
"{E10BB54A-5A55-4794-A51D-2EEF30D43507}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E6AD3DF5-2EB4-41BE-9FF8-2D0A0D441499}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E8784073-0EB5-4F6A-888A-4BA1EE2E7489}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03FE8DA7-B129-432E-9F48-2AF21D83C61A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{079823F4-7FB0-49CB-9575-1E90D6CA9E61}" = protocol=6 | dir=in | app=c:\users\lucason3\appdata\roaming\utorrent\utorrent.exe |
"{0EB7570A-89B1-4EF8-9BF7-BA123A18EDFF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1E841576-1816-46F1-8944-0F03CFAA2CDF}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{26E392FD-76F8-41FA-A45F-3E783A61C632}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe |
"{28FC9D70-3D4F-468A-88BA-825D54BC8CBE}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\tvnserver.exe |
"{312AC046-E827-4D5F-AD65-F48BD62D9E96}" = protocol=6 | dir=in | app=c:\users\lucason3\appdata\local\temp\nsc6fbe.tmp\utorrent.exe |
"{31B0B0A8-EC20-4C52-AADC-AD33BF5F42E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37C85FCB-CBED-4FEE-928F-3605B833D010}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe |
"{54BCECF2-0BA1-4E9E-8321-7CBC18DFC51A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5E5A07F9-F7A1-470E-8196-7BF8446B4793}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5EBEAAC0-B68C-4907-AB56-CB84A8542A21}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6097455D-5A47-48CC-96D1-6DC4AF7AD4A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{624EE5E2-1F3E-4ECA-8CE6-978A213C659D}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe |
"{63A0A269-0F2C-408F-B7D1-501D802D3478}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68C0EB5E-6594-4018-AF08-4243969AE44B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\tvnserver.exe |
"{7579106C-B94F-430B-ADA4-9708762CC220}" = protocol=17 | dir=in | app=c:\users\lucason3\appdata\local\temp\nsc6fbe.tmp\utorrent.exe |
"{7D63C354-EBE1-400B-8B21-6C04371ED6F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{832D3B2A-7325-44D1-8E68-B18F618EB56C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8E79886F-C6BC-49E3-95F1-8EEA574CDBF6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{8EA747A8-73ED-4D24-9B35-B3FC9C08991F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98BA098D-F4D3-434C-AED7-8E6F3F076494}" = protocol=17 | dir=in | app=c:\users\lucason3\appdata\roaming\utorrent\utorrent.exe |
"{9AD1437A-6764-4C82-B0CF-C477CD74A037}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A08C9727-9394-41E3-AF45-4BA5E27F9C38}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{A31C6EE7-B75C-4FDC-8B76-26BA6208E0C1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A659565F-CE5C-4C02-A47F-717D9CF8995F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BD1422C6-BC3C-4E34-AFAC-85706053A978}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DED1F71A-42AD-4596-A4B4-605F38C8A320}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DF22F89B-D083-474E-B660-2DC674827825}" = protocol=58 | dir=in | app=system |
"{E1ECBF51-ABA4-4154-A2A3-11A28AA8775A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E96B3C63-3D2B-455B-82C1-359916BA1AB4}" = protocol=6 | dir=out | app=system |
"{EE6157ED-D817-4EB1-B1EE-CDD93C04C18D}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe |
"{F2591390-B04C-47CF-B823-D8147D6CCB21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDE12ADE-7A89-41FA-8A80-408583660AB8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{D5558268-0050-4B95-AD5E-426960E1EFE1}" = Intel(R) Network Connections 15.3.68.0
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"PROSetDX" = Intel(R) Network Connections 15.3.68.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{39AB4A9F-97DB-4BCA-981F-B85189115037}" = GeekBuddy
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.10) - Slovak
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EE4CA5AF-4A55-418C-8CB8-74435814207B}" = LogMeIn
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"ENTERPRISE" = Microsoft Office Enterprise 2007
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.0.2 (Full)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 2.0.1.1004
"Mozilla Firefox 29.0.1 (x86 sk)" = Mozilla Firefox 29.0.1 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"VLC media player" = VLC media player 2.1.3
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"winscp3_is1" = WinSCP 4.3.8

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20. 5. 2014 3:21:11 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 4:21:11 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 5:21:11 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 6:21:11 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 7:21:11 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 8:21:11 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 9:21:11 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 10:21:12 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 11:21:12 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 20. 5. 2014 12:21:12 | Computer Name = HAZINPC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

[ System Events ]
Error - 18. 5. 2014 11:20:14 | Computer Name = HAZINPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 18. 5. 2014 11:20:14 | Computer Name = HAZINPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 18. 5. 2014 11:20:15 | Computer Name = HAZINPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 18. 5. 2014 11:20:16 | Computer Name = HAZINPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 18. 5. 2014 11:20:17 | Computer Name = HAZINPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 18. 5. 2014 11:20:18 | Computer Name = HAZINPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 19. 5. 2014 2:27:28 | Computer Name = HAZINPC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: CFRMD

Error - 19. 5. 2014 11:40:21 | Computer Name = HAZINPC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 20. 5. 2014 1:58:31 | Computer Name = HAZINPC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: CFRMD

Error - 20. 5. 2014 3:21:11 | Computer Name = HAZINPC | Source = DCOM | ID = 10001
Description =

< End of report >

OTL logfile created on: 20. 5. 2014 18:56:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lucason3\Desktop\OTL
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,90 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,37% Memory free
7,80 Gb Paging File | 5,71 Gb Available in Paging File | 73,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,73 Gb Total Space | 3,04 Gb Free Space | 6,24% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 42,25 Gb Free Space | 86,54% Space Free | Partition Type: NTFS
Drive E: | 86,39 Gb Total Space | 0,51 Gb Free Space | 0,59% Space Free | Partition Type: NTFS

Computer Name: HAZINPC | User Name: lucason3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/05/20 15:36:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\lucason3\Desktop\OTL\OTL.exe
PRC - [2014/05/14 15:10:44 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014/05/12 11:20:50 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/05/05 12:20:16 | 000,255,696 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit_manager.exe
PRC - [2014/05/05 12:20:16 | 000,241,872 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\COMODO\GeekBuddy\unit.exe
PRC - [2014/05/05 12:20:16 | 000,070,864 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
PRC - [2014/05/05 10:46:18 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
PRC - [2014/01/24 16:04:22 | 000,063,168 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\MgAssist.exe
PRC - [2014/01/24 16:04:18 | 000,775,872 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
PRC - [2013/12/18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

========== Modules (No Company Name) ==========

MOD - [2014/05/14 15:10:44 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/12 11:20:49 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/01/24 16:04:18 | 000,775,872 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MOD - [2014/01/24 15:55:14 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Mobogenie\Device.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/18 01:25:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/16 23:12:45 | 006,817,544 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2014/03/25 21:22:18 | 002,264,280 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/10/23 21:50:28 | 000,309,760 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/05/14 15:10:44 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/12 11:20:49 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/05 12:20:16 | 000,070,864 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2014/05/05 10:46:18 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2014/04/18 18:43:29 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2014/04/18 18:43:23 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/01/24 16:04:22 | 000,063,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobogenie\MgAssist.exe -- (MgAssistService)
SRV - [2013/12/18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/04/02 12:17:40 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/10/27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/04/18 18:43:24 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2014/04/16 23:12:55 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2012/04/02 12:17:40 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012/04/02 12:17:18 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/23 20:08:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/01/23 20:08:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/10/23 21:50:28 | 000,535,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/07/29 05:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/07 16:04:00 | 000,290,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2010/03/15 23:45:28 | 000,145,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/05/30 15:31:44 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- D:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2012/09/03 09:20:00 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 1CC0711607}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 1CC0711607}
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CF 89 62 40 31 63 CD 01 [binary data]
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.sk/
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57}
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTe ... rer:source}
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcer ... ORM=IE11SR
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\..\SearchScopes\{8D483D04-76A4-4820-9DC4-7458E4345300}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 1CC0711607}
IE - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.sk/"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: d:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\AdobeReader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\lucason3\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\lucason3\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/15 11:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lucason3\AppData\Roaming\mozilla\Extensions
[2014/05/18 14:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lucason3\AppData\Roaming\mozilla\Firefox\Profiles\9oi8amhe.default\extensions
[2014/04/17 08:30:19 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Users\lucason3\AppData\Roaming\mozilla\Firefox\Profiles\9oi8amhe.default\extensions\AppGraffiti@AppGraffiti.com
[2013/01/10 18:42:43 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\lucason3\AppData\Roaming\mozilla\firefox\profiles\9oi8amhe.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/07/16 12:03:40 | 000,001,390 | ---- | M] () -- C:\Users\lucason3\AppData\Roaming\mozilla\firefox\profiles\9oi8amhe.default\searchplugins\yahoo-zugo.xml
[2014/05/12 11:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/05/12 11:20:45 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/05/12 11:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/12 11:20:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://home.sweetim.com/?crg=3.1010000. ... 1CC0711607}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\lucason3\AppData\Local\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\lucason3\AppData\Local\Google\Chrome\Application\34.0.1847.137\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\lucason3\AppData\Local\Google\Chrome\Application\34.0.1847.137\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\AdobeReader\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = d:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: VLC Web Plugin (Enabled) = d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - Extension: SweetIM for Facebook = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: SweetIM for Facebook = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] D:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe ()
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000..\Run: [BitTorrent Sync] "C:\Program Files (x86)\BitTorrent Sync\BTSync.exe" /MINIMIZED File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2158292681-2161067555-2850423787-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E865634B-1B8E-49FB-8B5D-4A96DEA6773A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{fb1a19e5-d7be-11e1-9c1a-001cc0711607}\Shell - "" = AutoRun
O33 - MountPoints2\{fb1a19e5-d7be-11e1-9c1a-001cc0711607}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/05/20 18:53:32 | 000,000,000 | ---D | C] -- C:\Users\lucason3\Desktop\OTL
[2014/05/20 08:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/05/20 08:40:13 | 000,000,000 | ---D | C] -- C:\rsit
[2014/05/20 08:39:42 | 000,000,000 | ---D | C] -- C:\Users\lucason3\Desktop\Desktop
[2014/05/19 08:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2014/05/19 08:40:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Shared Space
[2014/05/19 08:40:02 | 000,352,984 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2014/05/19 08:40:02 | 000,284,888 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2014/05/19 08:40:02 | 000,045,784 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll
[2014/05/19 08:40:02 | 000,040,664 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll
[2014/05/18 15:18:54 | 000,000,000 | -HSD | C] -- C:\Users\lucason3\AppData\Local\EmieUserList
[2014/05/18 15:18:54 | 000,000,000 | -HSD | C] -- C:\Users\lucason3\AppData\Local\EmieSiteList
[2014/05/18 14:46:58 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/18 14:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/18 14:46:45 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/18 14:46:45 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/18 14:46:45 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/05/18 14:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/05/18 14:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/05/18 10:16:52 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/18 01:41:39 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/05/18 00:06:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/05/12 19:09:52 | 000,000,000 | ---D | C] -- C:\Users\lucason3\Desktop\usb pap a bakal
[2014/05/12 11:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/11 21:52:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/05/20 18:58:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/05/20 18:58:06 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2014/05/20 18:51:40 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/20 18:36:11 | 000,020,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/20 18:36:11 | 000,020,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/20 18:30:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1003UA.job
[2014/05/20 18:12:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1000UA.job
[2014/05/20 18:10:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/20 15:51:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/20 15:30:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1003Core.job
[2014/05/20 09:12:57 | 000,785,826 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/20 09:12:57 | 000,656,848 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/20 09:12:57 | 000,122,660 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/20 08:12:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1000Core.job
[2014/05/20 07:58:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/20 07:58:08 | 3141,165,056 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/19 11:24:20 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/19 08:40:16 | 000,002,291 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2014/05/18 14:46:48 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/18 14:31:58 | 000,769,692 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/18 10:19:49 | 000,419,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/18 01:25:59 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/05/18 01:25:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/05/12 09:13:17 | 000,001,072 | ---- | M] () -- C:\Users\lucason3\Desktop\µTorrent.lnk
[2014/05/11 21:52:28 | 000,002,050 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2014/05/11 21:52:28 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/20 18:58:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/05/18 14:46:48 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/18 01:25:59 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/05/18 01:25:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/05/17 23:55:08 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/05/17 17:54:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/05/12 08:43:51 | 000,001,072 | ---- | C] () -- C:\Users\lucason3\Desktop\µTorrent.lnk
[2013/02/16 18:31:29 | 000,002,967 | ---- | C] () -- C:\Users\lucason3\AppData\Local\SRDownloader.err
[2013/01/26 14:57:32 | 000,001,104 | ---- | C] () -- C:\Users\lucason3\AppData\Local\SRDownloader.nast
[2012/12/24 17:27:19 | 000,000,512 | ---- | C] () -- C:\Windows\eReg.dat
[2012/09/26 19:52:23 | 000,769,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/16 12:03:27 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/07/15 13:44:16 | 000,000,600 | ---- | C] () -- C:\Users\lucason3\AppData\Roaming\winscp.rnd

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/10 11:58:23 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Canneverbe Limited
[2014/05/13 14:48:39 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\uTorrent
[2013/04/17 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\michalla\AppData\Roaming\Canneverbe Limited

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,610 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/15 11:13:15 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1000Core.job
[2012/07/15 11:13:17 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1000UA.job
[2012/07/16 13:14:04 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/07/16 13:16:21 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1003Core.job
[2012/07/16 13:16:22 | 000,000,958 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2158292681-2161067555-2850423787-1003UA.job
[2012/07/16 21:46:36 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/07/16 21:46:37 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/04/24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012/04/24 07:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013/10/05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SoftwareDistribution\Download\cee5b8a1732f52c558753983be90a1b0\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SoftwareDistribution\Download\cee5b8a1732f52c558753983be90a1b0\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012/04/24 07:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2012/01/23 20:37:18 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012/01/23 20:37:18 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012/01/23 20:37:18 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012/01/23 20:37:18 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012/01/23 20:37:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012/01/23 20:37:19 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2012/01/23 20:08:48 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2012/01/23 20:08:48 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2012/01/23 20:08:48 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2012/01/23 20:08:48 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2012/01/23 20:57:01 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012/01/23 20:57:01 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2012/01/23 20:57:01 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2012/01/23 20:08:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2012/01/23 20:08:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2012/01/23 20:08:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2012/01/23 20:08:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2012/01/23 20:08:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2012/01/23 20:08:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2012/01/23 20:08:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2012/01/23 20:08:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2012/01/23 20:57:39 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SoftwareDistribution\Download\1c012f0794cde3759c755dcc871d67ef\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012/01/23 20:28:35 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/01/23 20:28:35 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012/01/23 20:57:39 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[26 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp files -> C:\Windows\Installer\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e3698c58def47b366f88a743e3d61360\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e3698c58def47b366f88a743e3d61360\*.tmp -> ]
[21 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\{EC2C7EA0-86C4-443B-9F6E-9FD5BF01F12C}\*.tmp files -> C:\Windows\Temp\{EC2C7EA0-86C4-443B-9F6E-9FD5BF01F12C}\*.tmp -> ]
[1 C:\Windows\Temp\Google Toolbar\*.tmp files -> C:\Windows\Temp\Google Toolbar\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/07/15 13:25:27 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Adobe
[2012/08/10 11:58:23 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Canneverbe Limited
[2013/10/27 16:17:27 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\dvdcss
[2012/07/15 10:44:30 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Identities
[2012/07/16 13:14:14 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Macromedia
[2010/11/21 17:10:34 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Media Center Programs
[2012/07/17 23:54:02 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Media Player Classic
[2014/05/20 19:31:59 | 000,000,000 | --SD | M] -- C:\Users\lucason3\AppData\Roaming\Microsoft
[2012/07/15 11:15:43 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Mozilla
[2014/05/20 19:33:59 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\Skype
[2014/05/13 14:48:39 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\uTorrent
[2014/05/20 09:29:26 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\vlc
[2012/07/27 00:23:34 | 000,000,000 | ---D | M] -- C:\Users\lucason3\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014/01/09 10:53:56 | 000,071,894 | R--- | M] () -- C:\Users\lucason3\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2014/05/12 08:44:06 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\lucason3\AppData\Roaming\uTorrent\uTorrent.exe
[2014/03/26 09:39:40 | 001,614,416 | ---- | M] (BitTorrent Inc.) -- C:\Users\lucason3\AppData\Roaming\uTorrent\updates\3.4.0_30660.exe
[2014/05/12 08:44:06 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\lucason3\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/18 01:26:02 | 011,745,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2014/05/18 01:25:53 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/18 01:26:02 | 011,745,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2014/05/18 01:25:53 | 000,116,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/05/18 01:22:00 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/05/18 01:22:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/05/18 01:22:01 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/05/18 01:22:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/05/18 01:22:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/05/18 01:22:01 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/05/18 01:22:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/05/18 01:22:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/05/18 01:22:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
[2014/05/18 01:21:59 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll
[2014/05/18 01:21:59 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll
[2014/05/18 01:21:58 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll
[2014/05/18 01:21:58 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll
[2014/05/18 01:21:58 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll
[2014/05/18 01:21:59 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll
[2014/05/18 01:21:57 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxgi.dll
[2014/05/18 01:26:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2014/05/18 01:26:01 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2014/05/18 01:26:12 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll
[2014/05/18 01:26:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\html.iec
[2014/05/18 01:25:59 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2014/05/18 01:25:53 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2014/05/18 01:26:00 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dat
[2014/05/18 01:26:00 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2014/05/18 01:26:00 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2014/05/18 01:25:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwproxystub.dll
[2014/05/18 01:26:02 | 011,745,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2014/05/18 01:25:53 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2014/05/18 01:25:59 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2014/05/18 01:26:04 | 002,178,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2014/05/18 01:25:59 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2014/05/18 01:25:51 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2014/05/18 01:26:03 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2014/05/18 01:25:59 | 000,016,284 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2014/05/18 01:25:55 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2014/05/18 01:25:58 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iexpress.exe
[2014/05/18 01:25:54 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2014/05/18 01:25:59 | 001,967,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2014/05/18 01:25:58 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2014/05/18 01:26:02 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\JavaScriptCollectionAgent.dll
[2014/05/18 01:25:54 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2014/05/18 01:25:51 | 004,254,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2014/05/18 01:25:52 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9diag.dll
[2014/05/18 01:26:05 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsIntl.dll
[2014/05/18 01:26:04 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2014/05/18 01:25:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2014/05/18 01:25:57 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2014/05/18 01:25:53 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2014/05/18 01:25:53 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2014/05/18 01:25:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2014/05/18 01:25:55 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MshtmlDac.dll
[2014/05/18 01:25:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2014/05/18 01:25:58 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll
[2014/05/18 01:26:04 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2014/05/18 01:22:00 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msmpeg2vdec.dll
[2014/05/18 01:26:03 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2014/05/18 01:25:55 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2014/05/18 14:31:58 | 000,769,692 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2014/05/18 01:25:56 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2014/05/18 01:26:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegisterIEPKEYs.exe
[2014/05/18 01:25:52 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetIEInstalledDate.exe
[2014/05/18 01:26:01 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdc.ocx
[2014/05/18 01:21:57 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAnimation.dll
[2014/05/18 01:26:00 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2014/05/18 01:26:03 | 001,143,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2014/05/18 01:25:57 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2014/05/18 01:25:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2014/05/18 01:25:58 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wextract.exe
[2014/05/18 01:21:59 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecsExt.dll
[2014/05/18 01:26:04 | 001,789,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2014/05/18 01:22:00 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsGdiConverter.dll
[2014/05/18 01:22:00 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsPrint.dll

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\lucason3\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/07/15 11:13:14 | 000,116,648 | ---- | M] (Google Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2014/02/10 18:46:14 | 020,922,016 | R--- | M] (Skype Technologies S.A.)
"BitTorrent Sync" = "C:\Program Files (x86)\BitTorrent Sync\BTSync.exe" /MINIMIZED

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/05/20 18:58:44 | 000,000,512 | ---- | M] () MD5=F1FF010C79C674FC0B6A61114300EE05 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006/10/26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2006/10/26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2013/02/16 18:50:48 | 000,002,967 | ---- | M] () -- \Users\lucason3\AppData\Local\SRDownloader.err
[2014/02/05 17:39:22 | 000,001,104 | ---- | M] () -- \Users\lucason3\AppData\Local\SRDownloader.nast
[2014/05/18 14:40:33 | 000,001,870 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90J8KRQM\AdLoader[1].htm
[2014/05/18 15:19:30 | 000,002,608 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90J8KRQM\ajax-loader-soccer[1].gif
[2014/05/18 11:22:05 | 000,001,870 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4TL080F\AdLoader[1].htm
[2014/05/18 11:22:06 | 000,112,122 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2UWEFFT\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2013/11/14 16:59:21 | 000,110,642 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5T04BQH\AdLoader-05424a4ab7d836fbf1bc3b5c2b3458f1.min[1].js
[2014/01/09 11:26:14 | 000,110,991 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5T04BQH\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2014/04/04 13:53:51 | 000,001,870 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S5T04BQH\AdLoader[1].htm
[2014/02/15 23:44:29 | 000,001,537 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNT2K0PB\AdLoader[1].htm
[2014/04/04 13:53:50 | 000,001,870 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNT2K0PB\AdLoader[2].htm
[2013/11/17 10:51:11 | 000,000,723 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNT2K0PB\downloaderror[1].js
[2013/11/17 10:51:11 | 000,001,174 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNT2K0PB\downloader[1].js
[2012/07/21 10:03:53 | 000,010,519 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SV6USUAJ\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2012/07/16 22:18:21 | 000,010,879 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SV6USUAJ\sj_textloader[1].js
[2013/08/28 09:46:46 | 000,109,505 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TM2VQZVU\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2014/04/04 13:53:51 | 000,112,122 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TM2VQZVU\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014/02/15 23:44:29 | 000,111,438 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TM2VQZVU\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014/02/21 17:21:24 | 000,111,819 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V56YDAQO\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014/02/21 17:21:24 | 000,001,870 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V56YDAQO\AdLoader[1].htm
[2012/07/16 12:00:22 | 000,000,905 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXPNEXEB\TooltipLoader[1].css
[2012/07/16 12:00:22 | 000,014,290 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXPNEXEB\TooltipLoader[1].js
[2012/08/10 11:48:30 | 000,105,903 | ---- | M] () -- \Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y89USJ91\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2014/01/28 19:35:56 | 000,072,638 | ---- | M] () -- \Users\lucason3\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/01/28 19:35:56 | 000,003,032 | ---- | M] () -- \Users\lucason3\AppData\Local\Skype\Apps\login\images\loader.png
[2014/01/28 19:35:56 | 000,006,012 | ---- | M] () -- \Users\lucason3\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/01/28 19:35:56 | 000,021,956 | ---- | M] () -- \Users\lucason3\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/01/28 19:35:56 | 000,009,772 | ---- | M] () -- \Users\lucason3\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2009/07/30 18:52:30 | 009,961,237 | ---- | M] () -- \Users\lucason3\AppData\Local\Temp\ckz_7L6K\Loader.exe
[2014/01/09 10:53:56 | 000,071,894 | R--- | M] () -- \Users\lucason3\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/10/16 17:03:11 | 000,001,511 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\385VBW54\AdLoader[1].htm
[2013/06/20 22:27:25 | 000,109,448 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9KZ5Z81K\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2014/03/11 20:40:28 | 000,001,870 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9KZ5Z81K\AdLoader[1].htm
[2014/02/15 16:38:32 | 000,009,427 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9KZ5Z81K\loader[1].gif
[2014/02/15 16:38:30 | 000,009,427 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9KZ5Z81K\loader_c[1].gif
[2013/10/16 17:03:11 | 000,109,505 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MEAYSB2\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2014/02/19 17:49:56 | 000,003,061 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MEAYSB2\rmsloaderdelayeddiv[1].js
[2014/05/19 21:52:21 | 000,063,289 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0V0CRBL\468728_724024_yuiloader_dom_event[1].js
[2012/08/12 16:58:13 | 000,105,903 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZ9X6BTL\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2014/03/11 20:40:29 | 000,112,122 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZ9X6BTL\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2012/07/21 09:57:16 | 000,010,519 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZ9X6BTL\AdLoader-aee74f28845638b42a47bb02dc06a7c6.min[1].js
[2014/02/15 16:38:30 | 000,000,673 | ---- | M] () -- \Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZ9X6BTL\loader_b[1].gif
[2014/03/26 18:02:26 | 003,305,472 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014/03/26 17:59:54 | 000,000,702 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014/03/26 17:59:54 | 000,000,790 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014/03/26 17:59:54 | 000,000,723 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014/03/26 17:59:54 | 000,000,694 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014/01/06 11:47:06 | 000,171,541 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014/03/26 17:59:54 | 000,000,634 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014/03/26 17:59:54 | 000,002,379 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014/03/26 17:59:54 | 000,001,417 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014/03/26 17:59:54 | 000,001,330 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_pinwheel_72.png
[2014/03/26 17:59:54 | 000,002,541 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_pinwheel_72x2.png
[2014/03/26 17:59:54 | 000,002,177 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014/03/26 17:59:54 | 000,000,956 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014/03/26 17:59:54 | 000,001,080 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014/03/26 17:59:54 | 000,001,139 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014/03/26 17:59:54 | 000,002,181 | ---- | M] () -- \Users\michalla\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014/01/28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\michalla\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/01/28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\michalla\AppData\Local\Skype\Apps\login\images\loader.png
[2014/01/28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\michalla\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/01/28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\michalla\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/01/28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\michalla\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/01/15 20:11:00 | 000,071,894 | R--- | M] () -- \Users\michalla\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2012/07/15 14:06:58 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013/08/02 04:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/23 20:53:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/05/18 01:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/23 20:53:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/05/18 01:23:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2010/11/21 17:00:29 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 17:00:29 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2010/11/21 17:00:29 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2010/11/21 17:00:29 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2010/11/21 17:00:29 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012/01/23 20:30:11 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/01/23 20:30:11 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012/01/23 20:30:11 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012/01/23 20:30:11 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012/01/23 20:30:11 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010/11/21 16:59:29 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2012/01/23 20:30:05 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/01/23 20:30:05 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/23 20:53:56 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/05/18 01:23:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/23 20:53:52 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/05/18 01:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2005/10/28 15:29:20 | 000,000,592 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\EnumerateSerialPorts.snippet
[2005/10/28 15:29:20 | 000,001,178 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\ReadDatafromaSerialPort.snippet
[2005/10/28 15:29:20 | 000,001,492 | ---- | M] () -- \Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\VBSnippets\1033\Connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/07/16 12:05:19 | 000,000,024 | ---- | M] () -- \Users\lucason3\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2014/01/03 18:31:41 | 000,003,072 | ---- | M] () -- \Users\michalla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2014/01/03 18:31:41 | 000,003,608 | ---- | M] () -- \Users\michalla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2013/10/28 18:47:53 | 000,000,024 | ---- | M] () -- \Users\michalla\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/05/18 10:24:33 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/05/18 10:25:28 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014/05/18 10:27:20 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/05/18 10:28:55 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014/05/18 14:33:48 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/05/18 14:33:48 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/05/18 14:34:07 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014/05/18 14:34:07 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014/05/18 15:00:48 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014/05/18 15:00:48 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014/05/18 15:04:11 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/05/18 15:04:11 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/05/18 15:05:41 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014/05/18 15:05:41 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014/05/18 15:34:53 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014/05/18 15:34:53 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005/09/23 07:56:56 | 000,008,007 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.xml
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/10/05 22:09:22 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ar-sa_da66fe5d47789091.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012/10/05 22:03:20 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_da-dk_622a3c9da1a8c4d8.manifest
[2012/10/05 20:10:04 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_de-de_626f1d4da174828e.manifest
[2012/10/05 22:02:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_el-gr_8f546afdbfc776f0.manifest
[2012/10/05 21:54:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_es-es_8f50994bbfc949f4.manifest
[2012/10/05 22:02:40 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fi-fi_bd1d8c79dd71129a.manifest
[2012/10/05 20:08:58 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_fr-fr_bcc53fc7ddb1f222.manifest
[2012/10/05 22:01:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_he-il_17cecb28196cb924.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_hu-hu_177d7e9619a74ce6.manifest
[2012/10/05 22:12:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_it-it_44f22512378ff514.manifest
[2012/10/05 21:11:25 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ja-jp_7275361e55708151.manifest
[2012/10/05 21:10:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ko-kr_9fd8712c7363f96b.manifest
[2012/10/05 22:02:32 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nb-no_282c61bccd26f48f.manifest
[2012/10/05 22:12:15 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_nl-nl_2856d464cd059e22.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pl-pl_832c821908e5590e.manifest
[2012/10/05 21:51:35 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-br_82f38a4d090ef34a.manifest
[2012/10/05 22:12:12 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_pt-pt_82de0509091f034e.manifest
[2012/10/05 22:03:52 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_ru-ru_dda9e31b4505f382.manifest
[2012/10/05 22:12:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_sv-se_0bc2b8ff62732b3f.manifest
[2012/10/05 22:12:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_tr-tr_389cffb580d00e96.manifest
[2012/10/05 21:15:11 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-cn_493f19f4345813af.manifest
[2012/10/05 21:15:20 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_zh-tw_48ddeaee34a0debf.manifest
[2012/10/05 21:54:03 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ar-sa_c395599f61238589.manifest
[2012/10/05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2012/10/05 21:54:13 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_da-dk_4b5897dfbb53b9d0.manifest
[2012/10/05 19:58:55 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_de-de_4b9d788fbb1f7786.manifest
[2012/10/05 21:53:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_el-gr_7882c63fd9726be8.manifest
[2012/10/05 21:48:11 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_es-es_787ef48dd9743eec.manifest
[2012/10/05 21:52:37 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fi-fi_a64be7bbf71c0792.manifest
[2012/10/05 20:00:18 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_fr-fr_a5f39b09f75ce71a.manifest
[2012/10/05 21:54:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_he-il_00fd266a3317ae1c.manifest
[2012/10/05 21:59:30 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_hu-hu_00abd9d8335241de.manifest
[2012/10/05 21:59:26 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_it-it_2e208054513aea0c.manifest
[2012/10/05 21:01:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ja-jp_5ba391606f1b7649.manifest
[2012/10/05 21:03:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ko-kr_8906cc6e8d0eee63.manifest
[2012/10/05 21:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nb-no_115abcfee6d1e987.manifest
[2012/10/05 22:00:42 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_nl-nl_11852fa6e6b0931a.manifest
[2012/10/05 22:00:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pl-pl_6c5add5b22904e06.manifest
[2012/10/05 21:48:47 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-br_6c21e58f22b9e842.manifest
[2012/10/05 22:00:41 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_pt-pt_6c0c604b22c9f846.manifest
[2012/10/05 21:54:16 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_ru-ru_c6d83e5d5eb0e87a.manifest
[2012/10/05 22:00:43 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_sv-se_f4f114417c1e2037.manifest
[2012/10/05 22:00:35 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_tr-tr_21cb5af79a7b038e.manifest
[2012/10/05 21:03:52 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-cn_326d75364e0308a7.manifest
[2012/10/05 21:03:53 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d49f800287b6feea051b21e010caccde\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_zh-tw_320c46304e4bd3b7.manifest
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2010/11/21 17:00:02 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010/11/21 17:00:02 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2010/11/21 17:00:00 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010/11/21 17:00:06 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012/01/23 20:30:11 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012/01/23 20:30:11 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2010/11/21 17:00:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010/11/21 17:00:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2012/01/23 20:30:06 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012/01/23 20:30:06 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010/11/21 16:59:36 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010/11/21 17:00:02 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Nejake to smeti tam je.

Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21. 5. 2014
Čas skenování: 13:35:31
Protokol: sgsdf.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.05.21.04
Databáze rootkitů: v2014.03.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: lucason3

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 454126
Uplynulý čas: 1 hod, 48 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 48
PUP.Optional.RebateInformer.A, C:\Users\lucason3\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXPNEXEB\RebateInformerSetup[1].exe, , [ce329070a759a45c96169c81d9288d73],
Extension.Mismatch, C:\Users\lucason3\Downloads\Tough Bond\TB_CAN_CROP_5_LAURELS.tif, , [728e09f7b84849b7b885afbd619fc23e],
PUP.Optional.OneClickDownloader.A, C:\Users\michalla\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000, , [7d8358a851afde22c24f1b21d32e7888],
PUP.Optional.OneClickDownloader.A, C:\Users\michalla\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000, , [5ea2728ea15f0ff1679ef220be437d83],
PUP.Optional.DealPly.A, C:\Users\michalla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZ9X6BTL\ATDheNetTVApp[1].exe, , [b54b20e08878a25e1fdceb35b44c748c],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{00FEA60D-43D4-4DFC-88FB-6F0F2D5C8677}, , [9c64629e08f85da3068869761fe412ee],
PUP.Optional.GrabRez.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{04C2FE62-BF53-4AFD-94CE-899096F2854F}, , [d7296f9109f73bc503030e47f01102fe],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{052CA22C-CE5D-4C5C-9F8A-F976366D7EF2}, , [5ea29868768a8080e9ab31d53dc402fe],
PUP.Optional.InstalleRex, C:\ProgramData\Comodo\Cis\Quarantine\data\{0EE7B956-E1C1-4E9C-A1F0-A915DA98E427}, , [2dd31ce410f04fb1b8256e0120e1b54b],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{15005CA0-3C48-428D-87C3-5141B7A0370D}, , [0cf448b899674db393fbc21da85b57a9],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{1DFADF4F-D129-4C9A-ADF0-8CFAB315B569}, , [7a86916fca36ed13860e60a6c041ac54],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{2226935E-1B91-4F72-BE96-927558DB75DF}, , [e818b64af40c1de3206e667928db1ce4],
Spyware.Zbot, C:\ProgramData\Comodo\Cis\Quarantine\data\{255EFAD6-E345-44C7-90DD-9B41BDC6E557}, , [ad538f71e9172bd5d6d60c661be52fd1],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{2E08C791-9FA7-4ED2-AFA5-570BDA2F529D}, , [2bd52ad6b9476e925c38c14544bd2bd5],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{3326EEA1-7808-48E5-8271-D27F37FF9266}, , [b54b0bf558a82cd45e30bd22ab588a76],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{81740425-A702-43E7-8E00-A76E92B0A7E5}, , [30d07e82f50b4eb2c6c8f9e63dc622de],
PUP.Optional.GrabRez.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{8A6D21F8-7828-4F7C-BC5E-78CEB3F5F5F8}, , [36cae51b18e834cc2fd7183def12cf31],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{8D219ECC-5E12-42A4-ACC8-0DE924CCE1E5}, , [5ca4fa06e818f010315d805f46bd0ff1],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{97681455-27BB-480A-A1A4-BDEBEB64DF83}, , [48b84ab6cb35fc04d2bca83735ce966a],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{9BBFA56A-C39F-408D-9FB9-1B888246A87C}, , [669aad5347b93dc38d01fbe4f50e04fc],
PUP.BundleInstaller.DW, C:\ProgramData\Comodo\Cis\Quarantine\data\{A70618E1-6556-475C-8DAD-78F125A0CA6B}, , [19e7bf41728e936d1f79ec18659c57a9],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{AAD0E9BE-66C8-4211-BE81-FF1D3CEA7B59}, , [4ab68080bb4511ef038b528dbe45926e],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{C015BCE4-E33A-415B-9C21-F2FE1AB315D0}, , [857b9a668f71c63a048acd127f84be42],
PUP.PWDump, C:\ProgramData\Comodo\Cis\Quarantine\data\{C571AF0E-04F8-40F1-A78E-4B992EF4DAE1}, , [87790af6df218a763f226cbf6d97e818],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{CC901C08-5D31-45DF-8252-7EEA96A08065}, , [f30ddc244db39e6297f721bea0639868],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{D2A98614-5D2D-4B70-B81E-07A05FAE7F92}, , [15ebdf2158a8f20e95ff49bd38c95da3],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{D698664F-8068-4CFF-BAFF-8372FD35E969}, , [36ca3fc120e02cd49af413cc758ef907],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{D9A409D4-42C1-4A23-979A-3C2898BE9096}, , [7c84887829d789775f351de911f0827e],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{E2EC9F8B-0E10-468B-9C96-205B180DA855}, , [57a9f7090ef214ecd7bdf80ec83947b9],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{392AE0D7-26BA-4085-A939-32B4E06719AC}, , [ff017c84c838ea165737429d04ff29d7],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{4BFFB3B2-960E-45FD-94BC-B3D170EC4A73}, , [fc0477896a96ac54840a07d8f90a7888],
Spyware.OnlineGames, C:\ProgramData\Comodo\Cis\Quarantine\data\{52AF7357-F26D-4E37-9735-A93591169A3A}, , [827e3ec2649cfd03d68938833ac72fd1],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{533BCF03-8DA8-464E-A18F-1034B0792BB2}, , [c53bd12f97695ea2820cf4ebe22135cb],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{5462C666-0C2A-4F8D-B37C-B5A20B9F86AA}, , [20e0cd33e31dcf313f4fb42b2ed5e917],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{5D858D80-55D8-47A4-8853-4523CBC35AEB}, , [9a66dc24dd23ce32cac4de01867d2dd3],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{602F5557-BE3A-42ED-95E1-047B0C98F510}, , [966a2fd1ff016c946a2a7492f70a827e],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{658AD91D-7AAE-4BE6-9316-6591EC2C6884}, , [e0207a86e41c8a76286c28de08f97a86],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{6D94F5E4-95AC-40D1-BA14-2FCE36AC5926}, , [e91758a849b7dd23aa5e3ff9f010e719],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{E7DABD82-57AD-4610-B7ED-A477B659F5D2}, , [51af6b9510f034cc94001aecd03125db],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{ED6E936A-DC52-4675-86B6-91E9DCDBD78B}, , [aa56d62a13edb44c0b83b22d699a0ef2],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{F041FA23-188D-4984-A33C-5F894E1561F9}, , [b44ca55bce32718f1b73fce39172be42],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{F0CB0286-0D4A-4AB3-8B15-46579887C5C2}, , [16eaa25eca36d32db8d616c99d667a86],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{FAD3360F-54F1-4B53-8A8F-D39097CE686F}, , [02fe4eb2f907a35d2b6304db2ad9cc34],
PUP.Optional.GrabRez.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{7CD30C49-0CFC-47E7-B0A8-AA077A98D29F}, , [41bf47b916ea13edd3338bca06fbcc34],
PUP.Optional.Somoto.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{BB8AE90C-D509-45F9-B7DA-E5D2C436DA4B}, , [c739d92745bb08f890fe31aef80bae52],
PUP.Optional.SweetPacks.A, C:\ProgramData\Comodo\Cis\Quarantine\data\{E68F7C22-2C0D-406C-8E79-2F4E8C3B7349}, , [916fc93751af7f81a8ec60a636cb20e0],
RiskWare.Tool.CK, E:\RECYCLER\S-1-5-21-1644491937-1979792683-839522115-1003\Dg5\XP crack\Activate.exe, , [13ed01ff6a967987a73f8e4430d1b34d],
PUP.Optional.CrossRider.A, C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\prefs.js, Dobré: (), Špatné: (user_pref("extensions.crossrider.bic", "144535f26392f0ded683201903481eb7");), ,[916f6c94e11f7789c3a3c8b5bb490df3]

Fyzické sektory: 0
(No malicious items detected)

(end)

tak co zmazat alebo nie?

No ja nejprve cekam odpoved na svou otazku, ale nejak se vam na ni odpovidat nechce. Ze by k tomu byl nejaky duvod?

Nie je to kontrola mojho pc ale kamaratovho lebo on sa tu nevie dostat a on povedat nevie lebo mu to instaloval nejaky jeho ujo.

No jo, vzdycky ti kamaradi a pribuzni

Nalezy MBAM nechte odstranit, pak MBAM odinstalujte.

Je s tim pc nejaky konkretni problem?

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

# AdwCleaner v3.210 - Report created 25/05/2014 at 10:25:57
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : lucason3 - HAZINPC
# Running from : C:\Users\lucason3\Desktop\adwcleaner_3.210\adwcleaner_3.210.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : MgAssistService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ClickIT
Folder Deleted : C:\ProgramData\SoftSafe
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
[!] Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Users\lucason3\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\lucason3\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\michalla\AppData\Local\Mobogenie
Folder Deleted : C:\Users\michalla\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\michalla\Documents\Mobogenie
Folder Deleted : C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\Extensions\AppGraffiti@AppGraffiti.com
Folder Deleted : C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\michalla\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
File Deleted : C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\lucason3\daemonprocess.txt
File Deleted : C:\Users\michalla\daemonprocess.txt
File Deleted : C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\searchplugins\yahoo-zugo.xml
File Deleted : C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\user.js
File Deleted : C:\Users\michalla\AppData\Roaming\Mozilla\Firefox\Profiles\7lagljp6.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\angobeimajilfhlcpeiccndaifchnppl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_nero-burning-rom_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_nero-burning-rom_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\AppGraffiti

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (sk)

[ File : C:\Users\lucason3\AppData\Roaming\Mozilla\Firefox\Profiles\9oi8amhe.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "144535f26392f0ded683201903481eb7");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.sk/");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={BE45D010-D774-11E1-BA03-001CC0711607}");

[ File : C:\Users\michalla\AppData\Roaming\Mozilla\Firefox\Profiles\7lagljp6.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\lucason3\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={BE45D010-D774-11E1-BA03-001CC0711607}
Deleted [Homepage] : hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={BE45D010-D774-11E1-BA03-001CC0711607}
Deleted [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn

[ File : C:\Users\michalla\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : jcdgjdiieiljkfkdcloehkohchhpekkn

*************************

AdwCleaner[R0].txt - [7926 octets] - [25/05/2014 10:25:11]
AdwCleaner[S0].txt - [7485 octets] - [25/05/2014 10:25:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7545 octets] ##########

a problem je taky ze niektore stranky mu nechce otvarat napr google alebo ked da nejaku inu stranku tak ho to presmeruje inam

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : michalla [Práva Správcu]
Režim : Kontrola -- Dátum : 05/27/2014 09:46:41
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 6 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250410AS ATA Device +++++
--- User ---
[MBR] f1ff010c79c674fc0b6a61114300ee05
[BSP] 86a428bc8ba48b046930a1e2a983b171 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 49898 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 188465 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_S_05272014_094641.txt >>

VIRY.CZ

Poprosim kontrolu

Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu

Re: Poprosim kontrolu