VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=138385

Stránka 1 z 1

kontrola logu

Napsal: 02 čer 2014 16:25
od huld4
Zdravim,

Avira me neco nasla TR/Injector.crq.17 a Worm/Drefir.E ... soubory jsem prusnul do karanteny a smazal. Podival by se me prosim nekdo na log jestli je vse vporadku?

Moc diky.


Logfile of random's system information tool 1.10 (written by random/random)
Run by huld4 at 2014-06-02 17:21:57
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 11 GB (10%) free of 114 GB
Total RAM: 8125 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:22:00, on 2.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.4656\Battle.net.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\huld4.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Sound Blaster Cinema 2] "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HearthstoneTracker] "C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe" -logon
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Killer Network Manager.lnk = ?
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8388 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
"C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe" -logon
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe" -minimize
"C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
/REMINDER
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000750
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9e512f73-94fd-40b2-9d08-51b636be73db -SystemEventPortName:HostProcess-5c18813c-b87d-4614-a35b-c044429244b8 -IoCancelEventPortName:HostProcess-97ed949b-8024-4716-991c-5657c86250f2 -NonStateChangingEventPortName:HostProcess-b1c00183-e9d9-4942-a747-25b89ff943dc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a2071f0f-1972-41ba-bae0-d8a0a645c2ae
"C:\Program Files\CPUID\HWMonitor\HWMonitor.exe"
"C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe" --locale=enGB --session=10527093585687260839
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Battle.net\Battle.net.4656\Battle.net.exe"
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"D:\Download\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\huld4\AppData\Roaming\Mozilla\Firefox\Profiles\i79thwad.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-30 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-30 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-03-04 7543000]
"MBCfg64"=C:\Windows\system32\MBCfg64.dll [2014-02-21 41088]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2014-04-15 10396440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2014-05-15 55360]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21 1174016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"HearthstoneTracker"=C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe [2014-03-26 8130048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema 2"=C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [2014-02-24 1440768]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-05-14 183376]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-05-09 737872]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe [2014-03-28 579056]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-17 767200]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Killer Network Manager.lnk - C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-02 17:21:57 ----D---- C:\rsit
2014-06-02 17:21:57 ----D---- C:\Program Files\trend micro
2014-06-01 21:42:30 ----D---- C:\Fraps
2014-05-31 18:09:17 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-05-31 18:08:20 ----D---- C:\ProgramData\EA Logs
2014-05-31 18:08:20 ----D---- C:\ProgramData\EA Core
2014-05-31 16:45:38 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-05-31 16:45:38 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-05-31 16:03:12 ----A---- C:\Windows\GPU-Z.INI
2014-05-31 15:23:40 ----D---- C:\Users\huld4\AppData\Roaming\vlc
2014-05-31 15:23:29 ----D---- C:\Program Files (x86)\VideoLAN
2014-05-31 15:20:15 ----D---- C:\Program Files\Futuremark
2014-05-31 15:20:13 ----D---- C:\Program Files (x86)\Futuremark
2014-05-31 12:09:37 ----D---- C:\Program Files (x86)\Origin Games
2014-05-31 12:08:55 ----D---- C:\Users\huld4\AppData\Roaming\Origin
2014-05-31 12:08:22 ----D---- C:\ProgramData\Origin
2014-05-31 12:08:22 ----D---- C:\ProgramData\Electronic Arts
2014-05-31 12:08:17 ----D---- C:\Program Files (x86)\Origin
2014-05-31 08:18:15 ----D---- C:\ProgramData\Steam
2014-05-31 08:17:35 ----D---- C:\Windows\system32\appmgmt
2014-05-31 07:45:20 ----D---- C:\Program Files (x86)\Wolfenstein The New Order
2014-05-31 07:42:54 ----D---- C:\ProgramData\ATI
2014-05-31 07:41:36 ----D---- C:\Program Files (x86)\AMD AVT
2014-05-31 07:41:11 ----D---- C:\Program Files (x86)\ATI Technologies
2014-05-31 07:41:02 ----D---- C:\Program Files\ATI Technologies
2014-05-31 07:40:58 ----D---- C:\Program Files\ATI
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-05-30 22:29:23 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2014-05-30 22:29:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\XAudio2_6.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\XAudio2_5.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\xactengine3_6.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\xactengine3_5.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\d3dcsx_42.dll
2014-05-30 22:29:22 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2014-05-30 22:29:21 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-05-30 22:29:21 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-05-30 22:29:21 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2014-05-30 22:29:21 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2014-05-30 22:29:21 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-05-30 22:29:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-05-30 22:29:21 ----A---- C:\Windows\system32\D3DX9_42.dll
2014-05-30 22:29:21 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-05-30 22:29:21 ----A---- C:\Windows\system32\d3dx11_42.dll
2014-05-30 22:29:21 ----A---- C:\Windows\system32\d3dx10_42.dll
2014-05-30 22:29:21 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-05-30 22:29:21 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-05-30 22:29:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\XAudio2_3.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\xactengine3_3.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-05-30 22:29:20 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-05-30 22:29:19 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\XAudio2_2.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\xactengine3_2.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-05-30 22:29:19 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-05-30 22:29:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-05-30 22:29:18 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-05-30 22:29:17 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-05-30 22:29:17 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-05-30 22:29:17 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-05-30 22:29:17 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-05-30 22:29:17 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-05-30 22:29:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-05-30 22:29:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-05-30 22:29:17 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-05-30 22:29:17 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-05-30 22:29:17 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-05-30 22:29:17 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-05-30 22:29:17 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-05-30 22:29:17 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-05-30 22:29:17 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-05-30 22:29:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\xinput1_3.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-05-30 22:29:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-05-30 22:29:15 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-05-30 22:29:15 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-05-30 22:29:15 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-05-30 22:29:15 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-05-30 22:29:15 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-05-30 22:29:15 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-05-30 22:29:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-05-30 22:29:15 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-05-30 22:29:15 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-05-30 22:29:15 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-05-30 22:29:15 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-05-30 22:29:15 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-05-30 22:29:15 ----A---- C:\Windows\system32\d3dx10.dll
2014-05-30 22:29:15 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-05-30 22:29:14 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\xinput1_2.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\xinput1_1.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-05-30 22:29:14 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-05-30 22:29:13 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-05-30 22:29:13 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-05-30 22:29:12 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-05-30 22:29:12 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-05-30 22:29:12 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-05-30 22:29:12 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-05-30 22:29:12 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-05-30 22:29:12 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-05-30 22:29:12 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-05-30 22:29:12 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-05-30 22:29:12 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-05-30 22:29:12 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-05-30 22:29:11 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-05-30 22:29:11 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-05-30 22:29:11 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-05-30 22:29:11 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-05-30 22:29:11 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-05-30 22:29:11 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-05-30 22:14:00 ----D---- C:\Program Files (x86)\HearthstoneTracker
2014-05-30 22:09:31 ----D---- C:\ProgramData\Oracle
2014-05-30 22:09:29 ----D---- C:\ProgramData\Sun
2014-05-30 22:09:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-05-30 22:09:27 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-05-30 22:09:27 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-05-30 22:09:27 ----A---- C:\Windows\SYSWOW64\java.exe
2014-05-30 22:09:23 ----D---- C:\Program Files (x86)\Java
2014-05-30 21:53:58 ----A---- C:\Windows\winamp.ini
2014-05-30 21:53:57 ----D---- C:\Program Files (x86)\Winamp
2014-05-30 21:46:29 ----A---- C:\Windows\acpimof.dll
2014-05-30 21:29:48 ----A---- C:\Windows\system32\drivers\sptd.sys
2014-05-30 21:29:47 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-05-30 21:29:35 ----D---- C:\Users\huld4\AppData\Roaming\DAEMON Tools Lite
2014-05-30 21:29:33 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-05-30 20:17:52 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2014-05-30 20:17:45 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2014-05-30 20:17:44 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2014-05-30 20:17:41 ----D---- C:\Program Files (x86)\Intel
2014-05-30 20:17:39 ----D---- C:\Intel
2014-05-30 19:07:47 ----D---- C:\Users\huld4\AppData\Roaming\BSplayer Pro
2014-05-30 19:07:47 ----D---- C:\Users\huld4\AppData\Roaming\BSplayer
2014-05-30 19:07:46 ----D---- C:\Program Files (x86)\Webteh
2014-05-30 18:56:00 ----D---- C:\ProgramData\LogiShrd
2014-05-30 18:55:50 ----A---- C:\Windows\system32\drivers\LNonPnP.sys
2014-05-30 18:55:41 ----D---- C:\Program Files\Logitech Gaming Software
2014-05-30 18:55:19 ----D---- C:\Users\huld4\AppData\Roaming\Logitech
2014-05-30 18:55:19 ----D---- C:\Users\huld4\AppData\Roaming\Logishrd
2014-05-30 17:28:02 ----D---- C:\ProgramData\McAfee
2014-05-30 17:26:36 ----D---- C:\Users\huld4\AppData\Roaming\Avira
2014-05-30 17:15:12 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2014-05-30 17:15:12 ----A---- C:\Windows\system32\drivers\avipbb.sys
2014-05-30 17:15:12 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2014-05-30 17:14:23 ----D---- C:\ProgramData\Avira
2014-05-30 17:14:23 ----D---- C:\Program Files (x86)\Avira
2014-05-29 22:33:59 ----D---- C:\Program Files (x86)\Hearthstone
2014-05-29 22:29:21 ----D---- C:\Program Files (x86)\HD Tune
2014-05-29 21:48:28 ----D---- C:\Program Files\CPUID
2014-05-29 21:21:39 ----D---- C:\Users\huld4\AppData\Roaming\Skype
2014-05-29 21:21:37 ----RD---- C:\Program Files (x86)\Skype
2014-05-29 21:21:36 ----D---- C:\ProgramData\Skype
2014-05-29 21:20:37 ----D---- C:\Program Files (x86)\Diablo III
2014-05-29 21:19:42 ----D---- C:\Users\huld4\AppData\Roaming\Battle.net
2014-05-29 21:19:36 ----D---- C:\ProgramData\Blizzard Entertainment
2014-05-29 21:19:36 ----D---- C:\Program Files (x86)\Battle.net
2014-05-29 21:18:50 ----D---- C:\ProgramData\Battle.net
2014-05-29 21:17:23 ----D---- C:\Quicklunch
2014-05-29 21:06:58 ----D---- C:\Users\huld4\AppData\Roaming\Macromedia
2014-05-29 21:06:58 ----D---- C:\Users\huld4\AppData\Roaming\Adobe
2014-05-29 21:06:51 ----D---- C:\Windows\Panther
2014-05-29 21:06:39 ----RASH---- C:\BOOTSECT.BAK
2014-05-29 21:06:38 ----SHD---- C:\Boot
2014-05-29 21:05:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-29 21:05:26 ----D---- C:\Windows\SYSWOW64\Macromed
2014-05-29 21:05:24 ----D---- C:\Windows\system32\Macromed
2014-05-29 21:00:24 ----D---- C:\Users\huld4\AppData\Roaming\Mozilla
2014-05-29 21:00:22 ----D---- C:\ProgramData\Mozilla
2014-05-29 21:00:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-29 21:00:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-29 20:58:06 ----D---- C:\Program Files\ACD Systems
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\Roboex32.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\lwf214p.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\ldf252.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\Jgst500.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\Jgpl500.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\Jgme500.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\Jgid500.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\Jgdw500.dll
2014-05-29 20:58:06 ----A---- C:\Windows\SYSWOW64\Jgar500.dll
2014-05-29 20:57:45 ----D---- C:\Program Files (x86)\Microsoft Office
2014-05-29 20:57:22 ----D---- C:\Program Files (x86)\WinRAR
2014-05-29 20:56:26 ----A---- C:\Windows\Marias.ini
2014-05-29 20:51:59 ----D---- C:\Users\huld4\AppData\Roaming\GHISLER
2014-05-29 20:51:59 ----D---- C:\Program Files (x86)\totalcmd
2014-05-29 20:51:59 ----A---- C:\Windows\UC.PIF
2014-05-29 20:51:59 ----A---- C:\Windows\RAR.PIF
2014-05-29 20:51:59 ----A---- C:\Windows\PKZIP.PIF
2014-05-29 20:51:59 ----A---- C:\Windows\PKUNZIP.PIF
2014-05-29 20:51:59 ----A---- C:\Windows\NOCLOSE.PIF
2014-05-29 20:51:59 ----A---- C:\Windows\LHA.PIF
2014-05-29 20:51:59 ----A---- C:\Windows\ARJ.PIF
2014-05-29 20:49:53 ----D---- C:\Users\huld4\AppData\Roaming\ATI
2014-05-29 20:46:11 ----D---- C:\Users\huld4\AppData\Roaming\library_dir
2014-05-29 20:45:14 ----D---- C:\Users\huld4\AppData\Roaming\Raptr
2014-05-29 20:45:14 ----D---- C:\Program Files (x86)\Raptr
2014-05-29 20:45:12 ----D---- C:\ProgramData\AMD
2014-05-29 20:44:59 ----D---- C:\Program Files\AMD
2014-05-29 20:44:52 ----D---- C:\Program Files\Common Files\ATI Technologies
2014-05-29 20:41:13 ----D---- C:\AMD
2014-05-29 20:34:36 ----N---- C:\Windows\Updreg.EXE
2014-05-29 20:34:34 ----N---- C:\Windows\SYSWOW64\ResDefA.exe
2014-05-29 20:34:34 ----N---- C:\Windows\SYSWOW64\MBCfgUninstall32.ini
2014-05-29 20:34:34 ----N---- C:\Windows\SYSWOW64\MBCfg32.ini
2014-05-29 20:34:34 ----N---- C:\Windows\SYSWOW64\MBCfg32.exe
2014-05-29 20:34:34 ----N---- C:\Windows\SYSWOW64\MBCfg32.dll
2014-05-29 20:34:34 ----N---- C:\Windows\SYSWOW64\ChezSC32.DLL
2014-05-29 20:34:34 ----N---- C:\Windows\system32\MBCfgUninstall64.ini
2014-05-29 20:34:34 ----N---- C:\Windows\system32\MBCfg64.ini
2014-05-29 20:34:34 ----N---- C:\Windows\system32\MBCfg64.exe
2014-05-29 20:34:34 ----N---- C:\Windows\system32\MBCfg64.dll
2014-05-29 20:34:34 ----N---- C:\Windows\system32\ChezSC64.DLL
2014-05-29 20:34:34 ----N---- C:\Windows\MBCfg_SP_APOIM.ini
2014-05-29 20:34:34 ----N---- C:\Windows\MBCfg_HP_APOIM.ini
2014-05-29 20:34:34 ----N---- C:\Windows\MBCfg_APOIM.ini
2014-05-29 20:34:34 ----D---- C:\ProgramData\Creative
2014-05-29 20:34:31 ----A---- C:\Windows\SYSWOW64\CmdRtr.DLL
2014-05-29 20:34:31 ----A---- C:\Windows\SYSWOW64\APOMngr.DLL
2014-05-29 20:34:31 ----A---- C:\Windows\system32\CmdRtr64.DLL
2014-05-29 20:34:31 ----A---- C:\Windows\system32\APOMgr64.DLL
2014-05-29 20:33:30 ----D---- C:\Program Files (x86)\Creative
2014-05-29 20:32:15 ----A---- C:\Windows\system32\Wdfres.dll
2014-05-29 20:32:15 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-05-29 20:32:15 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-05-29 20:32:04 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-05-29 20:32:04 ----D---- C:\Program Files\Realtek
2014-05-29 20:31:55 ----A---- C:\Windows\system32\drivers\MBfilt64.sys
2014-05-29 20:31:54 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-05-29 20:31:54 ----A---- C:\Windows\system32\SRSWOW64.dll
2014-05-29 20:31:54 ----A---- C:\Windows\system32\SRSTSX64.dll
2014-05-29 20:31:54 ----A---- C:\Windows\system32\SRSTSH64.dll
2014-05-29 20:31:54 ----A---- C:\Windows\system32\SRSHP64.dll
2014-05-29 20:31:54 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2014-05-29 20:31:53 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-05-29 20:31:53 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2014-05-29 20:31:53 ----A---- C:\Windows\system32\RtkCfg64.dll
2014-05-29 20:31:53 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-05-29 20:31:53 ----A---- C:\Windows\system32\RtkApi64.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\RTEEP64A.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\RTEEL64A.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\RTEEG64A.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\RTEED64A.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\RTCOM64.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\RP3DHT64.dll
2014-05-29 20:31:52 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-05-29 20:31:52 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-05-29 20:31:51 ----A---- C:\Windows\system32\RP3DAA64.dll
2014-05-29 20:31:51 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-05-29 20:31:42 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-05-29 20:31:42 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-05-29 20:31:41 ----A---- C:\Windows\SYSWOW64\MBAPO232.dll
2014-05-29 20:31:41 ----A---- C:\Windows\system32\MBWrp64.dll
2014-05-29 20:31:41 ----A---- C:\Windows\system32\MBAPO264.dll
2014-05-29 20:31:41 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2014-05-29 20:31:39 ----A---- C:\Windows\system32\FMAPO64.dll
2014-05-29 20:31:37 ----D---- C:\Program Files (x86)\Realtek
2014-05-29 20:31:37 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-29 20:31:37 ----A---- C:\Windows\system32\AERTAR64.dll
2014-05-29 20:31:37 ----A---- C:\Windows\system32\AERTAC64.dll
2014-05-29 20:31:36 ----HD---- C:\Program Files (x86)\Temp
2014-05-29 20:31:35 ----R---- C:\Windows\RtlExUpd.dll
2014-05-29 20:31:29 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-29 20:31:25 ----D---- C:\ProgramData\Qualcomm
2014-05-29 20:31:02 ----D---- C:\Program Files\Qualcomm Atheros
2014-05-29 20:30:52 ----D---- C:\ProgramData\Downloaded Installations
2014-05-29 20:30:39 ----D---- C:\Program Files\Intel
2014-05-29 20:30:32 ----D---- C:\ProgramData\Package Cache
2014-05-29 20:30:29 ----D---- C:\Program Files (x86)\MSI
2014-05-29 20:30:15 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-05-29 20:29:05 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-05-29 20:29:00 ----SHD---- C:\Windows\Installer
2014-05-29 20:21:01 ----D---- C:\Windows\SoftwareDistribution
2014-05-29 20:19:12 ----D---- C:\Users\huld4\AppData\Roaming\Identities
2014-05-29 20:19:08 ----SD---- C:\Users\huld4\AppData\Roaming\Microsoft
2014-05-29 20:19:08 ----D---- C:\Users\huld4\AppData\Roaming\Media Center Programs
2014-05-29 20:19:07 ----SHD---- C:\Recovery
2014-05-29 20:19:07 ----SHD---- C:\ProgramData\Šablony
2014-05-29 20:19:07 ----SHD---- C:\ProgramData\Plocha
2014-05-29 20:19:07 ----SHD---- C:\ProgramData\Oblíbené položky
2014-05-29 20:19:07 ----SHD---- C:\ProgramData\Nabídka Start
2014-05-29 20:19:07 ----SHD---- C:\ProgramData\Dokumenty
2014-05-29 20:19:07 ----SHD---- C:\ProgramData\Data aplikací
2014-05-29 20:07:22 ----D---- C:\Windows\Prefetch
2014-05-29 20:07:15 ----SHD---- C:\System Volume Information
2014-05-29 20:07:15 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2014-06-02 17:21:58 ----D---- C:\Windows\Temp
2014-06-02 17:21:57 ----RD---- C:\Program Files
2014-06-02 17:10:30 ----D---- C:\Windows\System32
2014-06-02 17:10:30 ----D---- C:\Windows\inf
2014-06-02 17:10:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-01 22:26:24 ----RD---- C:\Program Files (x86)
2014-06-01 22:07:36 ----D---- C:\Windows\system32\wdi
2014-06-01 21:42:30 ----D---- C:\Windows\SysWOW64
2014-05-31 18:08:20 ----HD---- C:\ProgramData
2014-05-31 16:55:39 ----D---- C:\Windows\system32\config
2014-05-31 16:55:38 ----D---- C:\Windows\winsxs
2014-05-31 16:46:03 ----D---- C:\Program Files (x86)\Common Files
2014-05-31 16:45:37 ----D---- C:\Windows\system32\LogFiles
2014-05-31 16:45:24 ----RSD---- C:\Windows\assembly
2014-05-31 16:03:12 ----D---- C:\Windows
2014-05-31 10:02:43 ----D---- C:\Windows\system32\drivers
2014-05-31 10:02:42 ----D---- C:\Windows\system32\drivers\UMDF
2014-05-31 08:59:15 ----D---- C:\Windows\Microsoft.NET
2014-05-31 07:42:20 ----D---- C:\Windows\system32\catroot
2014-05-31 07:41:26 ----D---- C:\Windows\system32\DriverStore
2014-05-31 07:41:24 ----D---- C:\Windows\system32\catroot2
2014-05-31 00:14:17 ----D---- C:\Windows\rescache
2014-05-30 22:29:04 ----D---- C:\Windows\Logs
2014-05-29 21:05:27 ----D---- C:\Windows\Tasks
2014-05-29 21:05:27 ----D---- C:\Windows\system32\Tasks
2014-05-29 21:01:56 ----SD---- C:\ProgramData\Microsoft
2014-05-29 20:44:52 ----D---- C:\Program Files\Common Files
2014-05-29 20:44:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-05-29 20:43:30 ----D---- C:\Windows\SYSWOW64\en-US
2014-05-29 20:43:30 ----D---- C:\Windows\system32\en-US
2014-05-29 20:32:48 ----D---- C:\Windows\system32\wbem
2014-05-29 20:32:48 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-05-29 20:32:48 ----D---- C:\Windows\system32\cs-CZ
2014-05-29 20:28:56 ----D---- C:\Windows\system32\restore
2014-05-29 20:19:13 ----D---- C:\Windows\system32\CodeIntegrity
2014-05-29 20:19:11 ----SHD---- C:\$Recycle.Bin
2014-05-29 20:19:08 ----RD---- C:\Users
2014-05-29 20:19:07 ----D---- C:\Program Files\Windows NT
2014-05-29 20:19:03 ----D---- C:\Windows\debug
2014-05-29 20:08:38 ----D---- C:\Windows\system32\sysprep
2014-05-29 20:07:22 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-05-30 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-05-09 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-05-09 28600]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-11-08 80080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-05-09 112080]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-04-18 15376384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-04-18 638976]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 cpuz137;cpuz137; \??\C:\Users\huld4\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-04 3882456]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2010-10-22 14136]
S3 ac9s5kqw;ac9s5kqw; C:\Windows\system32\drivers\ac9s5kqw.sys []
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GPUZ;GPUZ; \??\C:\Windows\TEMP\GPUZ.sys []
S3 MSICDSetup;MSICDSetup; \??\F:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-04-18 239616]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-05-09 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-05-09 430160]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-05-14 123984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-03-27 83952]
R2 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-09-26 30240]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-31 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-05-31 189248]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2014-01-22 344576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-30 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2014-01-28 520416]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-07 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-05-09 1039952]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: kontrola logu

Napsal: 03 čer 2014 08:23
od Márty84
Zdravim :)

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: kontrola logu

Napsal: 03 čer 2014 15:56
od huld4
OTL logfile created on: 3.6.2014 16:45:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\huld4\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,93 Gb Total Physical Memory | 5,72 Gb Available Physical Memory | 72,04% Memory free
15,87 Gb Paging File | 13,29 Gb Available in Paging File | 83,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 11,13 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive D: | 931,39 Gb Total Space | 159,04 Gb Free Space | 17,08% Space Free | Partition Type: NTFS

Computer Name: HULD4-PC | User Name: huld4 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.06.03 16:44:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\huld4\Desktop\OTL.exe
PRC - [2014.05.31 16:45:42 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2014.05.31 16:45:38 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.05.29 21:19:41 | 009,571,888 | ---- | M] (Blizzard Entertainment) -- C:\Program Files (x86)\Battle.net\Battle.net.4656\Battle.net.exe
PRC - [2014.05.29 21:19:03 | 009,177,648 | ---- | M] (Blizzard Entertainment) -- C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
PRC - [2014.05.15 01:52:26 | 000,046,144 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr_im.exe
PRC - [2014.05.15 01:52:22 | 000,066,624 | ---- | M] (Raptr, Inc) -- C:\Program Files (x86)\Raptr\raptr.exe
PRC - [2014.05.14 14:27:34 | 000,183,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014.05.14 14:27:34 | 000,123,984 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014.05.09 11:16:58 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.05.09 11:16:43 | 000,737,872 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.05.09 11:16:43 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.05.07 04:26:43 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.04.29 14:30:40 | 003,365,872 | ---- | M] (Micro-Star International) -- C:\Program Files (x86)\MSI\Live Update\Live Update.exe
PRC - [2014.03.27 19:49:08 | 000,083,952 | ---- | M] (Micro-Star International) -- C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
PRC - [2014.03.26 21:47:12 | 008,130,048 | ---- | M] (HearthstoneTracker.com) -- C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe
PRC - [2014.02.24 09:35:42 | 001,440,768 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
PRC - [2014.02.21 07:56:54 | 000,292,848 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013.09.26 13:39:36 | 000,030,240 | ---- | M] (MICRO-STAR INTERNATIONAL CO., LTD.) -- C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
PRC - [2010.11.21 05:25:10 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe


========== Modules (No Company Name) ==========

MOD - [2014.05.29 21:56:24 | 000,256,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\8ea4f2a14f034a52843ddf37991c9f6d\WindowsFormsIntegration.ni.dll
MOD - [2014.05.29 21:56:09 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net\38de848984bd4f1dc2b97c737ccc371f\System.Net.ni.dll
MOD - [2014.05.29 21:56:06 | 003,191,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.28b9ef5a#\d2892c928590d8dd03494d52abe79721\System.Web.Extensions.ni.dll
MOD - [2014.05.29 21:56:03 | 002,956,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\c37bcdac22f4bcd9531dfcc4b9ebda56\System.IdentityModel.ni.dll
MOD - [2014.05.29 21:56:02 | 019,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\ec19fdffa5eaea430a77160272ed897e\System.ServiceModel.ni.dll
MOD - [2014.05.29 21:56:02 | 000,523,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\91c8c2e92a2db78304c875d4b06d1f16\System.Net.Http.ni.dll
MOD - [2014.05.29 21:55:52 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7950655216951a291ff375b54d5e33fd\System.Xml.Linq.ni.dll
MOD - [2014.05.29 21:55:39 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\fedb1433422296012c8ce48902458bf1\UIAutomationTypes.ni.dll
MOD - [2014.05.29 21:55:38 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\dcf2b1a7011858156e5b759de2e5e598\PresentationFramework-SystemXml.ni.dll
MOD - [2014.05.29 21:55:38 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\0dbb2348461d98c3319e8a3fa729eb68\PresentationFramework-SystemData.ni.dll
MOD - [2014.05.29 21:55:38 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\877c3d0263392551522f9655dbf747b6\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014.05.29 21:55:37 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\6c0984e58c9ef168f060775aa8a7a198\PresentationFramework-SystemCore.ni.dll
MOD - [2014.05.29 21:19:41 | 026,065,408 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4656\libcef.dll
MOD - [2014.05.29 21:19:41 | 000,739,840 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4656\libGLESv2.dll
MOD - [2014.05.29 21:19:41 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\Battle.net\Battle.net.4656\libEGL.dll
MOD - [2014.05.29 20:44:43 | 018,524,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\97e6b67983d07a066b68b3ae8be2f53d\PresentationFramework.ni.dll
MOD - [2014.05.29 20:44:36 | 010,914,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b52bc540630c3aa5de542c382af35c20\PresentationCore.ni.dll
MOD - [2014.05.29 20:44:33 | 003,905,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\cd235caf797fb017f140016be88f33b7\WindowsBase.ni.dll
MOD - [2014.05.29 20:44:33 | 002,505,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\fb1e17d7933d852614890b82126e6ab8\System.Data.Linq.ni.dll
MOD - [2014.05.29 20:44:33 | 001,613,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\8fe9ee0386d99c1bc266b451bad79483\Microsoft.CSharp.ni.dll
MOD - [2014.05.29 20:44:33 | 000,985,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\bbb529c570850d761178b1a377b4d13c\System.ComponentModel.Composition.ni.dll
MOD - [2014.05.29 20:44:32 | 013,319,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\273389de0b6e286cb2bdc83ecb428704\System.Web.ni.dll
MOD - [2014.05.29 20:44:32 | 000,389,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\7a02afe307442182f401f2fea0595a5a\System.Dynamic.ni.dll
MOD - [2014.05.29 20:44:31 | 001,161,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data86569bbf#\99539917f59c4a963afa2e46f9d73a1f\System.Data.OracleClient.ni.dll
MOD - [2014.05.29 20:44:31 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\df55f04bc0ebe6c1abde4bc467bf4d03\System.ServiceModel.Internals.ni.dll
MOD - [2014.05.29 20:44:31 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\e7d92730b571b31e62c2cf257f04a974\PresentationFramework.Aero.ni.dll
MOD - [2014.05.29 20:44:31 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\98e3281d79512c9a2a0a89e3bc2e554f\SMDiagnostics.ni.dll
MOD - [2014.05.29 20:44:30 | 012,692,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\22ae167d586450ad3a9b9a9ee43ebc86\System.Windows.Forms.ni.dll
MOD - [2014.05.29 20:44:30 | 007,248,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9a6093eb864d6729de75ec4b955dddb1\System.Data.ni.dll
MOD - [2014.05.29 20:44:28 | 006,995,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b9f7adbc90a2bcbe8eb9e6e8d2bb975b\System.Core.ni.dll
MOD - [2014.05.29 20:44:28 | 002,785,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll
MOD - [2014.05.29 20:44:28 | 000,239,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\f0553d9d8cd2698cba2bb38dee5112b6\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014.05.29 20:44:27 | 007,559,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9ba07396ae369d010c5c3927a82ef426\System.Xml.ni.dll
MOD - [2014.05.29 20:44:26 | 001,870,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cc4d9093563dadee370788bbc3ecf4fb\System.Xaml.ni.dll
MOD - [2014.05.29 20:44:26 | 001,630,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\72269ea7cc6281139e4d155e7c57dc67\System.Drawing.ni.dll
MOD - [2014.05.29 20:44:26 | 000,777,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\48576847f23080832be66e93d8e964bf\System.EnterpriseServices.ni.dll
MOD - [2014.05.29 20:44:26 | 000,641,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\1aea3525c318ac7218966d7b91c52ff1\System.Transactions.ni.dll
MOD - [2014.05.29 20:44:26 | 000,249,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\48576847f23080832be66e93d8e964bf\System.EnterpriseServices.Wrapper.dll
MOD - [2014.05.29 20:44:25 | 000,958,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\28586400bcaf94c13a9fd0dff4a1e090\System.Configuration.ni.dll
MOD - [2014.05.29 20:44:25 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\ad2f6440da38a0dbae2df194782b35d1\System.ServiceProcess.ni.dll
MOD - [2014.05.29 20:44:24 | 009,925,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\e40da7a49f8c3f0108e7c835b342f382\System.ni.dll
MOD - [2014.05.29 20:44:22 | 000,145,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\1346fe7d35b70702029e422970db1201\System.Numerics.ni.dll
MOD - [2014.05.29 20:44:21 | 016,501,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\51e2934144ba15628ba5a31be2dae7dc\mscorlib.ni.dll
MOD - [2014.05.14 14:27:32 | 000,137,296 | ---- | M] () -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014.05.14 14:27:28 | 000,049,744 | ---- | M] () -- C:\Users\huld4\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
MOD - [2014.05.14 01:26:54 | 001,662,464 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
MOD - [2014.05.14 01:26:54 | 000,494,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
MOD - [2014.05.14 01:26:52 | 005,812,736 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
MOD - [2014.05.14 01:26:52 | 000,313,856 | ---- | M] () -- C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
MOD - [2014.05.14 01:26:40 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\Raptr\sip.pyd
MOD - [2014.05.07 04:27:09 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.02.21 11:20:36 | 000,074,240 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2014.02.21 11:17:40 | 000,274,944 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2013.11.21 02:05:26 | 000,256,000 | ---- | M] () -- C:\Program Files (x86)\Raptr\amd_ags.dll
MOD - [2013.05.10 01:52:58 | 001,183,699 | ---- | M] () -- C:\Program Files (x86)\Raptr\liboscar.dll
MOD - [2013.05.10 01:52:58 | 000,483,306 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libicq.dll
MOD - [2013.05.10 01:52:56 | 000,495,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libaim.dll
MOD - [2013.05.03 20:57:16 | 001,640,221 | ---- | M] () -- C:\Program Files (x86)\Raptr\libjabber.dll
MOD - [2013.05.03 20:57:14 | 001,053,730 | ---- | M] () -- C:\Program Files (x86)\Raptr\libymsg.dll
MOD - [2013.05.03 20:57:06 | 000,655,356 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libirc.dll
MOD - [2013.05.03 20:57:04 | 000,603,326 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
MOD - [2013.05.03 20:57:02 | 000,474,199 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\ssl.dll
MOD - [2013.05.03 20:57:00 | 000,497,782 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
MOD - [2013.05.03 20:56:50 | 001,306,387 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libmsn.dll
MOD - [2013.05.03 20:56:46 | 000,565,461 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
MOD - [2013.05.03 20:56:44 | 000,506,276 | ---- | M] () -- C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
MOD - [2012.10.27 09:53:18 | 002,717,595 | ---- | M] () -- C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
MOD - [2012.02.06 22:28:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
MOD - [2012.02.06 22:28:42 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
MOD - [2012.02.06 22:28:34 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
MOD - [2011.05.10 21:01:42 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
MOD - [2011.02.15 20:17:28 | 001,213,633 | ---- | M] () -- C:\Program Files (x86)\Raptr\libxml2-2.dll
MOD - [2011.02.15 20:17:28 | 000,417,501 | ---- | M] () -- C:\Program Files (x86)\Raptr\sqlite3.dll
MOD - [2010.11.23 01:06:22 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Raptr\zlib1.dll
MOD - [2010.11.23 00:57:34 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32gui.pyd
MOD - [2010.11.23 00:57:34 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32file.pyd
MOD - [2010.11.23 00:57:34 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32api.pyd
MOD - [2010.11.23 00:57:34 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32process.pyd
MOD - [2010.11.23 00:57:34 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Raptr\win32trace.pyd
MOD - [2010.11.23 00:57:18 | 000,141,312 | ---- | M] () -- C:\Program Files (x86)\Raptr\gobject._gobject.pyd
MOD - [2010.11.23 00:56:56 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\Raptr\pythoncom26.dll
MOD - [2010.11.23 00:56:56 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Raptr\pywintypes26.dll
MOD - [2010.11.23 00:56:26 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\Raptr\PIL._imaging.pyd
MOD - [2010.11.23 00:56:02 | 000,805,376 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ssl.pyd
MOD - [2010.11.23 00:56:02 | 000,583,680 | ---- | M] () -- C:\Program Files (x86)\Raptr\unicodedata.pyd
MOD - [2010.11.23 00:56:02 | 000,356,864 | ---- | M] () -- C:\Program Files (x86)\Raptr\_hashlib.pyd
MOD - [2010.11.23 00:56:02 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\Raptr\pyexpat.pyd
MOD - [2010.11.23 00:56:02 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Raptr\_elementtree.pyd
MOD - [2010.11.23 00:56:02 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\Raptr\_ctypes.pyd
MOD - [2010.11.23 00:56:02 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Raptr\_sqlite3.pyd
MOD - [2010.11.23 00:56:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Raptr\_socket.pyd
MOD - [2010.11.23 00:56:02 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Raptr\select.pyd
MOD - [2010.11.23 00:56:02 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\Raptr\winsound.pyd
MOD - [2010.11.21 05:49:28 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2010.11.21 05:49:02 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2010.11.21 05:48:49 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010.11.21 05:48:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010.11.21 05:48:40 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2010.11.21 05:48:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2010.11.21 05:48:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010.11.21 05:48:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010.11.21 05:48:21 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010.11.21 05:48:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.04.18 03:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014.01.22 15:15:16 | 000,344,576 | ---- | M] (Qualcomm Atheros) [Auto | Running] -- C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe -- (Qualcomm Atheros Killer Service V2)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.05.31 16:45:42 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014.05.31 16:45:38 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.05.30 17:28:01 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.05.14 14:27:34 | 000,123,984 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014.05.09 11:16:58 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.05.09 11:16:44 | 001,039,952 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2014.05.09 11:16:43 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.05.07 04:27:01 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.04.03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.03.27 19:49:08 | 000,083,952 | ---- | M] (Micro-Star International) [Auto | Running] -- C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe -- (MSI_LiveUpdate_Service)
SRV - [2014.01.28 23:27:58 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2013.09.26 13:39:36 | 000,030,240 | ---- | M] (MICRO-STAR INTERNATIONAL CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe -- (MSI_Trigger_Service)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.05.30 21:29:48 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014.05.09 11:16:43 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014.05.09 11:16:43 | 000,112,080 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014.05.09 11:16:43 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014.04.18 04:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014.04.18 03:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014.02.21 07:56:18 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2014.02.21 07:56:14 | 000,791,024 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2014.02.21 07:56:14 | 000,370,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013.12.19 18:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.11.08 09:42:24 | 000,080,080 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bflwfx64.sys -- (BfLwf)
DRV:64bit: - [2013.05.30 17:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013.03.20 15:46:40 | 000,154,320 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e22W7x64.sys -- (Ke2200)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.11.18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.10.22 10:37:36 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys -- (NTIOLib_1_0_4)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2212814713-1669184054-1629592007-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2212814713-1669184054-1629592007-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2212814713-1669184054-1629592007-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.05.29 21:00:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\huld4\AppData\Roaming\Mozilla\Extensions
[2014.05.30 22:01:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\huld4\AppData\Roaming\Mozilla\Firefox\Profiles\i79thwad.default\extensions
[2014.05.30 22:01:56 | 000,957,880 | ---- | M] () (No name found) -- C:\Users\huld4\AppData\Roaming\Mozilla\Firefox\Profiles\i79thwad.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.05.29 21:00:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.05.29 21:00:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MBCfg64] C:\Windows\SysNative\MBCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe (Micro-Star International)
O4 - HKLM..\Run: [Sound Blaster Cinema 2] C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2212814713-1669184054-1629592007-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2212814713-1669184054-1629592007-1000..\Run: [HearthstoneTracker] C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe (HearthstoneTracker.com)
O4 - HKU\S-1-5-21-2212814713-1669184054-1629592007-1000..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKU\S-1-5-21-2212814713-1669184054-1629592007-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.214 83.240.0.135
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8C96DB7-8BFA-4294-9988-F8277AFA0DF5}: DhcpNameServer = 83.240.0.214 83.240.0.135
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{414ed134-e832-11e3-a8c2-448a5b9c0eab}\Shell - "" = AutoRun
O33 - MountPoints2\{414ed134-e832-11e3-a8c2-448a5b9c0eab}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.06.03 16:44:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\huld4\Desktop\OTL.exe
[2014.06.03 16:42:48 | 000,084,720 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014.06.02 20:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.06.02 20:58:04 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.06.02 20:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014.06.02 20:57:23 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.06.02 20:57:22 | 000,000,000 | ---D | C] -- C:\Users\huld4\Desktop\mbar
[2014.06.02 17:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.06.02 17:21:57 | 000,000,000 | ---D | C] -- C:\rsit
[2014.06.01 21:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2014.06.01 21:42:30 | 000,000,000 | ---D | C] -- C:\Fraps
[2014.05.31 18:09:18 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\ESN
[2014.05.31 18:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2014.05.31 18:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2014.05.31 18:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2014.05.31 16:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2014.05.31 16:46:03 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2014.05.31 15:23:40 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\vlc
[2014.05.31 15:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014.05.31 15:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014.05.31 15:20:26 | 000,000,000 | ---D | C] -- C:\Users\huld4\Documents\3DMark 11
[2014.05.31 15:20:25 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\IsolatedStorage
[2014.05.31 15:20:24 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Futuremark
[2014.05.31 15:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2014.05.31 15:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2014.05.31 15:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2014.05.31 12:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2014.05.31 12:08:55 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Origin
[2014.05.31 12:08:54 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Origin
[2014.05.31 12:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014.05.31 12:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2014.05.31 12:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014.05.31 12:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2014.05.31 08:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2014.05.31 08:17:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014.05.31 07:45:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wolfenstein The New Order
[2014.05.31 07:42:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.05.31 07:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014.05.31 07:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014.05.31 07:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014.05.31 07:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014.05.31 07:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.05.31 07:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014.05.30 22:29:23 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014.05.30 22:29:23 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014.05.30 22:29:23 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014.05.30 22:29:23 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014.05.30 22:29:23 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014.05.30 22:29:23 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014.05.30 22:29:23 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2014.05.30 22:29:23 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014.05.30 22:29:23 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014.05.30 22:29:23 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014.05.30 22:29:23 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014.05.30 22:29:23 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014.05.30 22:29:23 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014.05.30 22:29:23 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014.05.30 22:29:23 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014.05.30 22:29:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2014.05.30 22:29:22 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014.05.30 22:29:22 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014.05.30 22:29:22 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014.05.30 22:29:22 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014.05.30 22:29:22 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014.05.30 22:29:22 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014.05.30 22:29:22 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014.05.30 22:29:22 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014.05.30 22:29:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014.05.30 22:29:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014.05.30 22:29:22 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014.05.30 22:29:22 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014.05.30 22:29:22 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014.05.30 22:29:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014.05.30 22:29:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014.05.30 22:29:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014.05.30 22:29:21 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014.05.30 22:29:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014.05.30 22:29:21 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014.05.30 22:29:21 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014.05.30 22:29:21 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014.05.30 22:29:21 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2014.05.30 22:29:21 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014.05.30 22:29:21 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014.05.30 22:29:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014.05.30 22:29:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2014.05.30 22:29:21 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014.05.30 22:29:21 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014.05.30 22:29:20 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014.05.30 22:29:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014.05.30 22:29:20 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014.05.30 22:29:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014.05.30 22:29:20 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014.05.30 22:29:20 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014.05.30 22:29:20 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014.05.30 22:29:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014.05.30 22:29:20 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014.05.30 22:29:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014.05.30 22:29:20 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014.05.30 22:29:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014.05.30 22:29:20 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014.05.30 22:29:20 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014.05.30 22:29:20 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014.05.30 22:29:20 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014.05.30 22:29:20 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014.05.30 22:29:20 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014.05.30 22:29:20 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014.05.30 22:29:20 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014.05.30 22:29:20 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014.05.30 22:29:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014.05.30 22:29:19 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014.05.30 22:29:19 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014.05.30 22:29:19 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014.05.30 22:29:19 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014.05.30 22:29:19 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014.05.30 22:29:19 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014.05.30 22:29:19 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014.05.30 22:29:19 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014.05.30 22:29:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014.05.30 22:29:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014.05.30 22:29:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014.05.30 22:29:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014.05.30 22:29:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014.05.30 22:29:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014.05.30 22:29:19 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014.05.30 22:29:19 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014.05.30 22:29:19 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014.05.30 22:29:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014.05.30 22:29:19 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014.05.30 22:29:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014.05.30 22:29:18 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014.05.30 22:29:18 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014.05.30 22:29:18 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014.05.30 22:29:18 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014.05.30 22:29:18 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014.05.30 22:29:18 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014.05.30 22:29:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014.05.30 22:29:18 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014.05.30 22:29:18 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014.05.30 22:29:18 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014.05.30 22:29:18 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014.05.30 22:29:18 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014.05.30 22:29:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014.05.30 22:29:18 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014.05.30 22:29:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014.05.30 22:29:18 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014.05.30 22:29:18 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014.05.30 22:29:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014.05.30 22:29:17 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014.05.30 22:29:17 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014.05.30 22:29:17 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014.05.30 22:29:17 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014.05.30 22:29:17 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014.05.30 22:29:17 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014.05.30 22:29:17 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014.05.30 22:29:17 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014.05.30 22:29:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014.05.30 22:29:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014.05.30 22:29:17 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014.05.30 22:29:17 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014.05.30 22:29:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014.05.30 22:29:17 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014.05.30 22:29:16 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014.05.30 22:29:16 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014.05.30 22:29:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014.05.30 22:29:16 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014.05.30 22:29:16 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014.05.30 22:29:16 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014.05.30 22:29:16 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014.05.30 22:29:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014.05.30 22:29:16 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014.05.30 22:29:16 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014.05.30 22:29:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014.05.30 22:29:16 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014.05.30 22:29:16 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014.05.30 22:29:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014.05.30 22:29:16 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014.05.30 22:29:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014.05.30 22:29:15 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014.05.30 22:29:15 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014.05.30 22:29:15 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014.05.30 22:29:15 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014.05.30 22:29:15 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014.05.30 22:29:15 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014.05.30 22:29:15 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014.05.30 22:29:15 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014.05.30 22:29:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014.05.30 22:29:15 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014.05.30 22:29:15 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014.05.30 22:29:15 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014.05.30 22:29:15 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014.05.30 22:29:15 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014.05.30 22:29:14 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014.05.30 22:29:14 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014.05.30 22:29:14 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014.05.30 22:29:14 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014.05.30 22:29:14 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014.05.30 22:29:14 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014.05.30 22:29:14 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014.05.30 22:29:14 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014.05.30 22:29:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014.05.30 22:29:14 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014.05.30 22:29:14 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014.05.30 22:29:14 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll

Re: kontrola logu

Napsal: 03 čer 2014 15:57
od huld4
[2014.05.30 22:29:14 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014.05.30 22:29:14 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014.05.30 22:29:14 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014.05.30 22:29:14 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014.05.30 22:29:13 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014.05.30 22:29:13 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014.05.30 22:29:12 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014.05.30 22:29:12 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014.05.30 22:29:12 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014.05.30 22:29:12 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014.05.30 22:29:12 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014.05.30 22:29:12 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014.05.30 22:29:12 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014.05.30 22:29:12 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014.05.30 22:29:12 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014.05.30 22:29:12 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014.05.30 22:29:11 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014.05.30 22:29:11 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014.05.30 22:29:11 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014.05.30 22:29:11 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014.05.30 22:29:11 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014.05.30 22:29:11 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014.05.30 22:14:03 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\HearthstoneTracker
[2014.05.30 22:14:01 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker
[2014.05.30 22:14:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HearthstoneTracker
[2014.05.30 22:09:45 | 000,000,000 | ---D | C] -- C:\Users\huld4\.swt
[2014.05.30 22:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014.05.30 22:09:29 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.05.30 22:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014.05.30 22:09:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014.05.30 22:09:27 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.05.30 22:09:27 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.05.30 22:09:27 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.05.30 22:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.05.30 22:09:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014.05.30 21:54:02 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp
[2014.05.30 21:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2014.05.30 21:53:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2014.05.30 21:46:29 | 000,011,832 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
[2014.05.30 21:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2014.05.30 21:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014.05.30 21:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014.05.30 21:29:35 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\DAEMON Tools Lite
[2014.05.30 21:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014.05.30 20:17:52 | 000,020,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2014.05.30 20:17:45 | 000,791,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2014.05.30 20:17:44 | 000,370,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2014.05.30 20:17:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014.05.30 20:17:39 | 000,000,000 | ---D | C] -- C:\Intel
[2014.05.30 19:07:47 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\BSplayer Pro
[2014.05.30 19:07:47 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\BSplayer
[2014.05.30 19:07:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webteh
[2014.05.30 18:56:00 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Logitech
[2014.05.30 18:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2014.05.30 18:55:50 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2014.05.30 18:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2014.05.30 18:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2014.05.30 18:55:19 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Logitech
[2014.05.30 18:55:19 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Logishrd
[2014.05.30 17:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014.05.30 17:26:36 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Avira
[2014.05.30 17:23:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2014.05.30 17:17:57 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Blizzard
[2014.05.30 17:15:12 | 000,130,584 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014.05.30 17:15:12 | 000,112,080 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014.05.30 17:15:12 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2014.05.30 17:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014.05.30 17:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014.05.30 17:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014.05.29 22:34:15 | 000,000,000 | ---D | C] -- C:\Users\huld4\Documents\Diablo III
[2014.05.29 22:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
[2014.05.29 22:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hearthstone
[2014.05.29 22:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2014.05.29 22:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2014.05.29 21:48:28 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014.05.29 21:21:40 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Skype
[2014.05.29 21:21:39 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Skype
[2014.05.29 21:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.05.29 21:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.05.29 21:21:37 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014.05.29 21:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014.05.29 21:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2014.05.29 21:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2014.05.29 21:19:43 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Blizzard Entertainment
[2014.05.29 21:19:42 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Battle.net
[2014.05.29 21:19:42 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Battle.net
[2014.05.29 21:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2014.05.29 21:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014.05.29 21:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014.05.29 21:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014.05.29 21:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2014.05.29 21:17:23 | 000,000,000 | ---D | C] -- C:\Quicklunch
[2014.05.29 21:06:58 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Macromedia
[2014.05.29 21:06:58 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Macromedia
[2014.05.29 21:06:58 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Adobe
[2014.05.29 21:06:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014.05.29 21:06:38 | 000,000,000 | -HSD | C] -- C:\Boot
[2014.05.29 21:05:27 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.29 21:05:27 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.05.29 21:05:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014.05.29 21:05:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014.05.29 21:00:24 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Mozilla
[2014.05.29 21:00:24 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Mozilla
[2014.05.29 21:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014.05.29 21:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.05.29 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.05.29 20:58:06 | 000,317,952 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\SysWow64\Roboex32.dll
[2014.05.29 20:58:06 | 000,144,896 | ---- | C] (America Online) -- C:\Windows\SysWow64\Jgdw500.dll
[2014.05.29 20:58:06 | 000,126,976 | ---- | C] (LuraTech GmbH) -- C:\Windows\SysWow64\lwf214p.dll
[2014.05.29 20:58:06 | 000,015,872 | ---- | C] (Johnson-Grace Company) -- C:\Windows\SysWow64\Jgpl500.dll
[2014.05.29 20:58:06 | 000,013,312 | ---- | C] (Johnson-Grace Company) -- C:\Windows\SysWow64\Jgst500.dll
[2014.05.29 20:58:06 | 000,011,264 | ---- | C] (Johnson-Grace Company) -- C:\Windows\SysWow64\Jgid500.dll
[2014.05.29 20:58:06 | 000,011,264 | ---- | C] (Johnson-Grace Company) -- C:\Windows\SysWow64\Jgar500.dll
[2014.05.29 20:58:06 | 000,007,168 | ---- | C] (Johnson-Grace Company) -- C:\Windows\SysWow64\Jgme500.dll
[2014.05.29 20:58:06 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2014.05.29 20:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2014.05.29 20:58:06 | 000,000,000 | ---D | C] -- C:\Program Files\ACD Systems
[2014.05.29 20:57:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014.05.29 20:57:24 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.05.29 20:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.05.29 20:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014.05.29 20:56:47 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\GHISLER
[2014.05.29 20:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\totalcmd
[2014.05.29 20:51:59 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014.05.29 20:51:59 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\GHISLER
[2014.05.29 20:49:53 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\ATI
[2014.05.29 20:49:53 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\ATI
[2014.05.29 20:46:13 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
[2014.05.29 20:46:11 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\library_dir
[2014.05.29 20:45:14 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Raptr
[2014.05.29 20:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr
[2014.05.29 20:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014.05.29 20:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014.05.29 20:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014.05.29 20:41:13 | 000,000,000 | ---D | C] -- C:\AMD
[2014.05.29 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Creative
[2014.05.29 20:34:36 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\Updreg.EXE
[2014.05.29 20:34:34 | 000,375,424 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\ChezSC64.DLL
[2014.05.29 20:34:34 | 000,327,296 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\ChezSC32.DLL
[2014.05.29 20:34:34 | 000,148,096 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBCfg64.exe
[2014.05.29 20:34:34 | 000,138,880 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBCfg32.exe
[2014.05.29 20:34:34 | 000,041,088 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBCfg64.dll
[2014.05.29 20:34:34 | 000,038,016 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBCfg32.dll
[2014.05.29 20:34:34 | 000,015,488 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\ResDefA.exe
[2014.05.29 20:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2014.05.29 20:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2014.05.29 20:33:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2014.05.29 20:32:15 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014.05.29 20:32:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014.05.29 20:32:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2014.05.29 20:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014.05.29 20:31:55 | 000,032,344 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\MBfilt64.sys
[2014.05.29 20:31:54 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014.05.29 20:31:54 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014.05.29 20:31:54 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2014.05.29 20:31:54 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014.05.29 20:31:54 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014.05.29 20:31:54 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014.05.29 20:31:53 | 002,831,576 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014.05.29 20:31:53 | 002,794,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014.05.29 20:31:53 | 001,019,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014.05.29 20:31:53 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2014.05.29 20:31:53 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2014.05.29 20:31:52 | 001,958,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014.05.29 20:31:52 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014.05.29 20:31:52 | 000,627,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014.05.29 20:31:52 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014.05.29 20:31:52 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014.05.29 20:31:52 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014.05.29 20:31:52 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014.05.29 20:31:52 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014.05.29 20:31:51 | 000,947,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014.05.29 20:31:51 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014.05.29 20:31:42 | 002,040,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014.05.29 20:31:42 | 001,042,520 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014.05.29 20:31:41 | 001,999,128 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO264.dll
[2014.05.29 20:31:41 | 001,728,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO232.dll
[2014.05.29 20:31:41 | 000,397,592 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2014.05.29 20:31:41 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014.05.29 20:31:39 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014.05.29 20:31:37 | 000,209,096 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2014.05.29 20:31:37 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014.05.29 20:31:37 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2014.05.29 20:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014.05.29 20:31:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014.05.29 20:31:35 | 002,080,472 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2014.05.29 20:31:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014.05.29 20:31:29 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014.05.29 20:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
[2014.05.29 20:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm
[2014.05.29 20:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros
[2014.05.29 20:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2014.05.29 20:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014.05.29 20:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014.05.29 20:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2014.05.29 20:30:28 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Programs
[2014.05.29 20:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014.05.29 20:29:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014.05.29 20:21:01 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014.05.29 20:19:17 | 000,000,000 | R--D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.05.29 20:19:17 | 000,000,000 | R--D | C] -- C:\Users\huld4\Searches
[2014.05.29 20:19:17 | 000,000,000 | R--D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.05.29 20:19:12 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Identities
[2014.05.29 20:19:11 | 000,000,000 | R--D | C] -- C:\Users\huld4\Contacts
[2014.05.29 20:19:10 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\VirtualStore
[2014.05.29 20:19:08 | 000,000,000 | --SD | C] -- C:\Users\huld4\AppData\Roaming\Microsoft
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Videos
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Saved Games
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Pictures
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Music
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Links
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Favorites
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Downloads
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Documents
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\Desktop
[2014.05.29 20:19:08 | 000,000,000 | R--D | C] -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\AppData\Local\Temporary Internet Files
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Šablony
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Soubory cookie
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\SendTo
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Poslední
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Okolní tiskárny
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Okolní síť
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Documents\Obrázky
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Nabídka Start
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Local Settings
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Documents\Hudba
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\AppData\Local\History
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Documents\Filmy
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Dokumenty
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\Data aplikací
[2014.05.29 20:19:08 | 000,000,000 | -HSD | C] -- C:\Users\huld4\AppData\Local\Data aplikací
[2014.05.29 20:19:08 | 000,000,000 | -H-D | C] -- C:\Users\huld4\AppData
[2014.05.29 20:19:08 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Temp
[2014.05.29 20:19:08 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Local\Microsoft
[2014.05.29 20:19:08 | 000,000,000 | ---D | C] -- C:\Users\huld4\AppData\Roaming\Media Center Programs
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Oblíbené položky
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014.05.29 20:19:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014.05.29 20:07:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014.05.29 20:07:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2014.06.03 16:47:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.06.03 16:44:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\huld4\Desktop\OTL.exe
[2014.06.03 16:42:47 | 000,009,993 | ---- | M] () -- C:\Windows\SysWow64\Utility.xml
[2014.06.03 16:42:36 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014.06.03 16:42:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.02 23:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.06.02 20:58:04 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.06.02 20:57:23 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.06.02 17:42:20 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.02 17:42:20 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.02 17:41:01 | 001,578,746 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.06.02 17:41:01 | 000,666,922 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.06.02 17:41:01 | 000,652,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.06.02 17:41:01 | 000,140,100 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.06.02 17:41:01 | 000,120,890 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.06.01 22:01:26 | 000,303,594 | RHS- | M] () -- C:\CNTLW
[2014.06.01 21:42:31 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2014.05.31 19:15:50 | 000,000,095 | ---- | M] () -- C:\Windows\winamp.ini
[2014.05.31 16:46:04 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2014.05.31 16:45:42 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.05.31 16:45:38 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.05.31 16:45:38 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.05.31 16:03:12 | 000,000,022 | ---- | M] () -- C:\Windows\GPU-Z.INI
[2014.05.31 15:23:31 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014.05.31 15:20:18 | 000,001,227 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2014.05.31 15:19:03 | 000,081,930 | ---- | M] () -- C:\Users\huld4\Desktop\d.PNG
[2014.05.31 12:08:22 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2014.05.31 10:02:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.05.31 09:30:12 | 000,088,119 | ---- | M] () -- C:\Users\huld4\Desktop\w.PNG
[2014.05.31 07:54:35 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Wolfenstein The New Order.lnk
[2014.05.30 22:14:04 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2014.05.30 22:14:01 | 000,001,086 | ---- | M] () -- C:\Users\huld4\Desktop\HearthstoneTracker.lnk
[2014.05.30 22:09:24 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.05.30 22:09:24 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.05.30 22:09:24 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.05.30 22:09:24 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014.05.30 21:54:02 | 000,001,793 | ---- | M] () -- C:\Users\huld4\Desktop\WINAMP.LNK
[2014.05.30 21:52:45 | 000,001,246 | ---- | M] () -- C:\Users\huld4\Desktop\utorrent – zástupce.lnk
[2014.05.30 21:46:29 | 000,002,055 | ---- | M] () -- C:\Users\Public\Desktop\MSI Live Update 6.lnk
[2014.05.30 21:41:03 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2014.05.30 21:29:48 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2014.05.30 21:29:48 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.05.30 20:17:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2014.05.30 17:28:01 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.30 17:28:01 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.05.30 17:23:12 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014.05.30 17:14:24 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014.05.29 22:33:59 | 000,001,187 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2014.05.29 22:29:21 | 000,000,930 | ---- | M] () -- C:\Users\huld4\Desktop\HD Tune.lnk
[2014.05.29 21:21:38 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.05.29 21:21:33 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2014.05.29 21:19:37 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014.05.29 21:06:39 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014.05.29 21:00:22 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.05.29 20:56:26 | 000,000,429 | ---- | M] () -- C:\Windows\Marias.ini
[2014.05.29 20:52:00 | 000,001,037 | ---- | M] () -- C:\Users\huld4\Desktop\Total Commander.lnk
[2014.05.29 20:49:50 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014.05.29 20:43:46 | 001,553,692 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.05.29 20:34:31 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2014.05.29 20:31:25 | 000,002,821 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
[2014.05.29 20:31:25 | 000,002,783 | ---- | M] () -- C:\Users\Public\Desktop\Killer Network Manager.lnk
[2014.05.29 20:08:52 | 000,219,876 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014.05.29 20:08:52 | 000,219,876 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014.05.29 20:07:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.05.29 20:07:20 | 000,274,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.05.09 11:16:43 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014.05.09 11:16:43 | 000,112,080 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014.05.09 11:16:43 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys

========== Files Created - No Company Name ==========

[2014.06.03 16:47:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.06.01 22:01:26 | 000,303,594 | RHS- | C] () -- C:\CNTLW
[2014.06.01 21:42:31 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2014.05.31 16:46:04 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2014.05.31 16:45:38 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.05.31 16:45:38 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.05.31 16:45:38 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.05.31 16:03:12 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2014.05.31 15:23:31 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014.05.31 15:20:18 | 000,001,227 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2014.05.31 15:19:03 | 000,081,930 | ---- | C] () -- C:\Users\huld4\Desktop\d.PNG
[2014.05.31 12:08:22 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2014.05.31 10:02:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.05.31 09:30:12 | 000,088,119 | ---- | C] () -- C:\Users\huld4\Desktop\w.PNG
[2014.05.31 07:54:35 | 000,000,964 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order.lnk
[2014.05.31 07:54:35 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\Wolfenstein The New Order.lnk
[2014.05.30 22:14:04 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2014.05.30 22:14:01 | 000,001,086 | ---- | C] () -- C:\Users\huld4\Desktop\HearthstoneTracker.lnk
[2014.05.30 21:54:02 | 000,001,793 | ---- | C] () -- C:\Users\huld4\Desktop\WINAMP.LNK
[2014.05.30 21:53:58 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini
[2014.05.30 21:52:45 | 000,001,246 | ---- | C] () -- C:\Users\huld4\Desktop\utorrent – zástupce.lnk
[2014.05.30 21:46:41 | 000,009,993 | ---- | C] () -- C:\Windows\SysWow64\Utility.xml
[2014.05.30 21:46:29 | 000,002,055 | ---- | C] () -- C:\Users\Public\Desktop\MSI Live Update 6.lnk
[2014.05.30 21:29:48 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2014.05.30 21:29:48 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.05.30 20:17:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2014.05.30 17:14:24 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014.05.29 22:33:59 | 000,001,187 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2014.05.29 22:29:21 | 000,000,930 | ---- | C] () -- C:\Users\huld4\Desktop\HD Tune.lnk
[2014.05.29 21:48:28 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014.05.29 21:21:38 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.05.29 21:21:33 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2014.05.29 21:19:37 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014.05.29 21:06:39 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2014.05.29 21:06:39 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2014.05.29 21:05:27 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.29 21:00:22 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.05.29 21:00:22 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.05.29 20:58:06 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\ldf252.dll
[2014.05.29 20:57:45 | 000,002,593 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2014.05.29 20:56:26 | 000,000,429 | ---- | C] () -- C:\Windows\Marias.ini
[2014.05.29 20:52:00 | 000,001,037 | ---- | C] () -- C:\Users\huld4\Desktop\Total Commander.lnk
[2014.05.29 20:51:59 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2014.05.29 20:51:59 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2014.05.29 20:51:59 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2014.05.29 20:51:59 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2014.05.29 20:51:59 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2014.05.29 20:51:59 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2014.05.29 20:51:59 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2014.05.29 20:49:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.05.29 20:34:34 | 000,013,741 | ---- | C] () -- C:\Windows\SysNative\MBCfg64.ini
[2014.05.29 20:34:34 | 000,013,741 | ---- | C] () -- C:\Windows\SysWow64\MBCfg32.ini
[2014.05.29 20:34:34 | 000,005,856 | ---- | C] () -- C:\Windows\SysNative\MBCfgUninstall64.ini
[2014.05.29 20:34:34 | 000,005,856 | ---- | C] () -- C:\Windows\SysWow64\MBCfgUninstall32.ini
[2014.05.29 20:34:34 | 000,002,835 | ---- | C] () -- C:\Windows\MBCfg_SP_APOIM.ini
[2014.05.29 20:34:34 | 000,002,783 | ---- | C] () -- C:\Windows\MBCfg_APOIM.ini
[2014.05.29 20:34:34 | 000,002,747 | ---- | C] () -- C:\Windows\MBCfg_HP_APOIM.ini
[2014.05.29 20:34:31 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2014.05.29 20:34:31 | 000,274,944 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2014.05.29 20:34:31 | 000,089,600 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2014.05.29 20:34:31 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2014.05.29 20:34:31 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2014.05.29 20:32:15 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014.05.29 20:31:52 | 000,837,014 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014.05.29 20:31:25 | 000,002,821 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
[2014.05.29 20:31:25 | 000,002,783 | ---- | C] () -- C:\Users\Public\Desktop\Killer Network Manager.lnk
[2014.05.29 20:30:15 | 001,553,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.05.29 20:19:20 | 000,001,413 | ---- | C] () -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014.05.29 20:19:18 | 000,001,447 | ---- | C] () -- C:\Users\huld4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.05.29 20:08:47 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014.05.29 20:08:47 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014.05.29 20:07:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014.04.18 04:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014.04.18 04:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014.04.18 03:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.04.18 03:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.04.17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.05.29 21:20:28 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Battle.net
[2014.05.31 12:14:24 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\BSplayer
[2014.05.30 19:07:47 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\BSplayer Pro
[2014.05.30 22:19:16 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\DAEMON Tools Lite
[2014.05.29 20:51:59 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\GHISLER
[2014.05.29 20:46:11 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\library_dir
[2014.05.31 12:21:05 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Origin
[2014.06.03 16:42:46 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Raptr

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,008,766 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.05.29 21:05:27 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\drivers\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\drivers\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\drivers\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[13 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[27 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.05.29 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Adobe
[2014.05.29 20:49:53 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\ATI
[2014.05.30 17:26:36 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Avira
[2014.05.29 21:20:28 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Battle.net
[2014.05.31 12:14:24 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\BSplayer
[2014.05.30 19:07:47 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\BSplayer Pro
[2014.05.30 22:19:16 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\DAEMON Tools Lite
[2014.05.29 20:51:59 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\GHISLER
[2014.05.29 20:19:12 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Identities
[2014.05.29 20:46:11 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\library_dir
[2014.05.30 18:55:19 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Logishrd
[2014.05.30 18:55:19 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Logitech
[2014.05.29 21:06:58 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Macromedia
[2010.11.21 11:38:07 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Media Center Programs
[2014.05.29 21:06:58 | 000,000,000 | --SD | M] -- C:\Users\huld4\AppData\Roaming\Microsoft
[2014.05.29 21:00:26 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Mozilla
[2014.05.31 12:21:05 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Origin
[2014.06.03 16:42:46 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Raptr
[2014.06.03 16:44:08 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\Skype
[2014.06.01 20:50:37 | 000,000,000 | ---D | M] -- C:\Users\huld4\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.06.03 16:42:47 | 000,009,993 | ---- | M] () -- C:\Windows\system32\Utility.xml

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Raptr" = C:\PROGRA~2\Raptr\raptrstub.exe --startup -- [2014.05.15 01:52:28 | 000,055,360 | ---- | M] (Raptr, Inc)
"Sidebar" = C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:25:10 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.05.08 09:51:52 | 021,444,224 | R--- | M] (Skype Technologies S.A.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"HearthstoneTracker" = "C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe" -logon -- [2014.03.26 21:47:12 | 008,130,048 | ---- | M] (HearthstoneTracker.com)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.06.03 16:47:15 | 000,000,512 | ---- | M] () MD5=0086F36F0B7BC8B257F89FC226376C3D -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.05.09 11:16:44 | 000,044,112 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2014.05.09 11:16:44 | 000,494,672 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2014.05.09 11:16:44 | 000,193,104 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2010.11.23 00:57:34 | 000,009,216 | ---- | M] () -- \Program Files (x86)\Raptr\_win32sysloader.pyd
[2014.05.29 20:44:55 | 000,011,783 | ---- | M] () -- \Users\huld4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DFOTQMQ7\loader[1].js
[2014.05.29 21:22:18 | 000,017,912 | ---- | M] () -- \Users\huld4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MF3NFHGM\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.06.01 15:47:38 | 000,001,980 | ---- | M] () -- \Users\huld4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MF3NFHGM\AdLoader[1].htm
[2014.05.29 21:22:18 | 000,001,980 | ---- | M] () -- \Users\huld4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBF69V10\AdLoader[1].htm
[2014.05.29 20:47:43 | 000,002,545 | ---- | M] () -- \Users\huld4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBF69V10\loader[1].gif
[2014.05.30 19:07:36 | 000,022,002 | ---- | M] () -- \Users\huld4\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBF69V10\ProgressLoader[1].gif
[2014.02.18 18:46:42 | 000,072,638 | ---- | M] () -- \Users\huld4\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.02.18 18:46:42 | 000,003,032 | ---- | M] () -- \Users\huld4\AppData\Local\Skype\Apps\login\images\loader.png
[2014.02.18 18:46:42 | 000,006,012 | ---- | M] () -- \Users\huld4\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.02.18 18:46:42 | 000,021,956 | ---- | M] () -- \Users\huld4\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.02.18 18:46:42 | 000,009,772 | ---- | M] () -- \Users\huld4\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.06.01 22:04:39 | 000,001,737 | ---- | M] () -- \Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ajax-loader-small[1].gif
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2014.06.01 22:04:39 | 000,001,737 | ---- | M] () -- \Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ajax-loader-small[1].gif
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2010.11.21 05:27:02 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2010.11.21 05:27:02 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winload.efi_75834aa0
[2010.11.21 05:27:02 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winload.exe_75835076
[2010.11.21 05:27:02 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winresume.efi_85cd069f
[2010.11.21 05:27:02 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2014.06.01 22:00:47 | 000,000,626 | ---- | M] () -- \Users\huld4\AppData\Roaming\Microsoft\Windows\Recent\activator-windows-7-ultimate-64bit.lnk

< *serial* /s >
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2010.11.21 05:48:49 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0728af1479c3388cadf85ccfc2b12582\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2010.11.21 05:49:37 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4a984a9ad59d14063bc6ae64a0c8f62a\System.Runtime.Serialization.ni.dll
[2010.11.21 05:53:58 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\52bdf474b237d949c5b2b407ebec8f1e\System.Runtime.Serialization.ni.dll
[2010.11.21 05:52:15 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8ad0e1382ab6565741bbb64b965f2748\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.05.29 20:44:22 | 000,304,640 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\873837befa260d32cd0b3ce811b96efb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.05.29 20:44:22 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\873837befa260d32cd0b3ce811b96efb\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.05.29 20:44:28 | 002,785,280 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll
[2014.05.29 20:44:28 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\293cfe2c05a8ee921726927fd00ea81c\System.Runtime.Serialization.ni.dll.aux
[2014.05.29 21:56:23 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\15ecbb8a1ddca366bda70718005521a1\System.Xml.Serialization.ni.dll
[2014.05.29 21:56:23 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\15ecbb8a1ddca366bda70718005521a1\System.Xml.Serialization.ni.dll.aux
[2014.05.29 21:58:01 | 000,373,248 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\cab4c46773a123bd72b938cc405aed46\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.05.29 21:58:01 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\cab4c46773a123bd72b938cc405aed46\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.05.29 21:58:52 | 003,599,872 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\9ffb83b70cc1fa28d2fd02956cf0c831\System.Runtime.Serialization.ni.dll
[2014.05.29 21:58:52 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\9ffb83b70cc1fa28d2fd02956cf0c831\System.Runtime.Serialization.ni.dll.aux
[2014.05.29 22:00:11 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\b2db45296eabfd00db1920158f3f5eb5\System.Xml.Serialization.ni.dll
[2014.05.29 22:00:11 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\b2db45296eabfd00db1920158f3f5eb5\System.Xml.Serialization.ni.dll.aux
[2012.07.09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012.07.09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012.07.09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2012.07.09 00:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.07.09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012.07.09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 00:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 00:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 00:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 00:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 00:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 00:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 00:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 00:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.21 11:27:04 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2010.11.21 11:27:06 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2010.11.21 11:27:07 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2009.07.14 04:57:21 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2009.07.14 04:57:21 | 000,017,984 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc_kdcom.dll_db5e7744
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2010.11.21 11:27:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2010.11.21 11:26:35 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2010.11.21 11:27:05 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 11:27:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 11:27:11 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Re: kontrola logu

Napsal: 03 čer 2014 15:57
od huld4
OTL Extras logfile created on: 3.6.2014 16:45:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\huld4\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,93 Gb Total Physical Memory | 5,72 Gb Available Physical Memory | 72,04% Memory free
15,87 Gb Paging File | 13,29 Gb Available in Paging File | 83,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 11,13 Gb Free Space | 9,97% Space Free | Partition Type: NTFS
Drive D: | 931,39 Gb Total Space | 159,04 Gb Free Space | 17,08% Space Free | Partition Type: NTFS

Computer Name: HULD4-PC | User Name: huld4 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2212814713-1669184054-1629592007-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\PROGRA~1\ACDSYS~1\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\PROGRA~1\ACDSYS~1\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A25F09F-2A3D-480F-AED4-DFCD365D6438}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{208A8320-9990-4FE8-B2F5-E7E222968750}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{270BA490-53E5-44A3-9AF7-5AF3C8B69518}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{548227E9-E491-4D56-A292-2BAF6AAB90BB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{5CA54E4B-6AF8-4638-980D-8298D8F52314}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{819EB546-E3B6-477C-B4EE-2654F87FFBB1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9A6363ED-EE2A-458B-96FD-CEE9757BE24F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9AD51267-2BD5-46CD-B887-CEC7838F5FF5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9CC9B5C6-1E15-493A-8DCA-D09021746787}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{AE4B6430-1B79-4C02-99DF-CBF77D122515}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{B2E4CFAE-98A5-4862-907A-5E957F1DDCA5}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{B36B6F99-75AF-4157-82E3-BEA4FA18B47D}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{CBB3EBF7-F13D-470D-9E2C-5144CFCA979A}" = protocol=17 | dir=in | app=d:\data\install\....net\utorrent\utorrent.exe |
"{CD84E580-0D4A-43B8-BA09-8BA1E21001E6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{CF183148-D8D2-401D-8539-52BF6D37823B}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{D8CC4205-E55A-4F1D-97CF-82153FA2C399}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{DB104B63-0BAA-42C3-A6A3-EDF24D4A5B9D}" = protocol=6 | dir=in | app=d:\data\install\....net\utorrent\utorrent.exe |
"{E1ACCBFE-38D0-48B8-8F2A-CA228211318B}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{EC674C6F-0FFD-4F2A-B879-43F672157C96}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{EE0507E9-2D59-445B-9BF8-DC6E2C321B5F}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{FE6E4950-07D1-4EB9-A8FC-A1EACEE1023A}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"TCP Query User{3CFD3DC1-F477-4CB3-9CE8-619C3F84DF41}D:\data\install\....net\qip\qip.exe" = protocol=6 | dir=in | app=d:\data\install\....net\qip\qip.exe |
"TCP Query User{7D4F8D15-819C-4884-842C-4DA3D263BFAE}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe |
"UDP Query User{70167CBD-9EFA-463F-A761-4AEC54B7F706}D:\data\install\....net\qip\qip.exe" = protocol=17 | dir=in | app=d:\data\install\....net\qip\qip.exe |
"UDP Query User{B2A3944F-BFE9-4334-97BB-F0316CC8F432}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}" = AMD Wireless Display v3.0
"{1664D45E-FA92-8C52-92E9-E8ADB04A18ED}" = AMD Drag and Drop Transcoding
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6119B3A6-3603-9695-0398-CDF2AF0A13F8}" = AMD Catalyst Install Manager
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{7364C716-1212-4EAE-B0C9-A31D1E797BF8}" = Qualcomm Atheros Network Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{ABD878B8-E7E3-2BC4-5A95-478133DCFFC3}" = AMD Accelerated Video Transcoding
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B7CC660E-F31D-490C-BD2A-2CB2EC5A5E3A}" = Intel(R) Chipset Device Software
"{C80C9B28-CF99-431C-88C8-8B1F9B6A182F}" = Qualcomm Atheros Bandwidth Control Filter Driver
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D3485211-6ACA-8BC3-1AAB-29FC5552C454}" = ccc-utility64
"{DD2A85B3-64C5-4263-A7AF-4F61FA5F369A}" = Qualcomm Atheros Killer E220x Drivers
"{FD67BFA0-E205-47AA-BA09-123B3B72DB5E}" = 3DMark 11
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.25
"Logitech Gaming Software" = Logitech Gaming Software 8.53

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031F80EB-1FE5-45EF-9DE2-E2F5AF01259F}" = CCC Help Spanish
"{032DC00A-51D1-4D28-BFB7-1D0E85291E11}" = Futuremark SystemInfo
"{0B15A8C3-3B8A-F229-A880-82EA62908425}" = CCC Help Dutch
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1A6752E1-966B-9D1F-F6B7-DDBCA6FC87ED}" = CCC Help Russian
"{2058DA53-D5F2-D8D9-7325-39B0E367D1E1}" = CCC Help Swedish
"{2090B6D0-E025-5A67-9838-8F1D5768E643}" = CCC Help Chinese Standard
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{2AD4FF67-43E9-77AD-D90C-584F950E2D12}" = CCC Help French
"{3A577334-7C90-55BC-1878-F5862FA268B2}" = CCC Help Korean
"{3BF289E3-933B-F421-3B59-F6BB0D285B09}" = CCC Help Hungarian
"{3CB6BA0C-6BC5-E543-221A-AA4DEBB6F4B5}" = CCC Help Polish
"{430E2D32-6EA9-E6E4-80A1-84047694A45B}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6A8D33-09CD-FD44-4BF0-999E8A6E93C8}" = CCC Help Italian
"{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1" = MSI Live Update
"{68e29fba-92b1-4f6f-a604-1d8679da3a9f}" = Avira
"{6EBDE2A2-0CFB-9134-A859-68A0002B3FA6}" = CCC Help Thai
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{769E98DC-2BB0-83A7-51C9-306F30232345}" = Catalyst Control Center Graphics Previews Common
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1" = VGA Boost
"{8181B50E-0E33-DE07-AAB2-E71BBBDBF288}" = CCC Help Portuguese
"{83FB054C-7DA5-1C76-BFB2-423426DC35BB}" = AMD Catalyst Control Center
"{8A640069-9784-701E-AC8E-84F62C42D1A3}" = CCC Help English
"{90AF0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{93098E43-2743-1551-447F-2699E9591E9C}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3703A3B-FDCF-4349-4B2E-A189A2B90B51}" = CCC Help Chinese Traditional
"{A619A488-A4BA-F2A0-72FA-4C484B93DC0F}" = CCC Help Greek
"{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}" = Sound Blaster Cinema 2
"{C4799AAA-CE52-D2F1-63C8-E6D5106C78E0}" = CCC Help Norwegian
"{C6182116-5F2D-9949-B42B-06073E86A98A}" = CCC Help German
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CC6C7F05-AF23-65BD-702D-705EAB723578}" = CCC Help Japanese
"{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}" = Avira
"{D5B7F1A3-2CA6-4C5C-EFB6-4AA5772F5310}" = CCC Help Turkish
"{DBA6B3EF-A8C0-4EB2-9554-3A7879838580}" = Catalyst Control Center Localization All
"{e48a2f61-851a-4155-82f9-af1b04db8c3b}" = Intel® Chipset Device Software
"{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}" = Qualcomm Atheros Killer Network Manager Suite
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4A6308C-55E6-57DF-95BB-AEEF374B469A}" = CCC Help Finnish
"{F543B0F9-D1F9-25D1-993C-8430BEC9D889}" = Catalyst Control Center InstallProxy
"{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}" = 3DMark 11
"ACDSee" = ACDSee
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battle.net" = Battle.net
"Battlelog Web Plugins" = Battlelog Web Plugins
"Crack windows 7 ultimate 1.00" = Crack windows 7 ultimate 1.00
"Diablo III" = Diablo III
"Fraps" = Fraps
"HD Tune_is1" = HD Tune 2.55
"Hearthstone" = Hearthstone
"HearthstoneTracker" = HearthstoneTracker
"Mozilla Firefox 29.0.1 (x86 cs)" = Mozilla Firefox 29.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Totalcmd" = Total Commander (Remove or Repair)
"V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1" = Wolfenstein: The New Order
"VLC media player" = VLC media player 2.1.3
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR archiver

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31.5.2014 11:28:59 | Computer Name = huld4-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vlc.exe, verze: 2.1.3.0, časové razítko:
0x00000004 Název chybujícího modulu: vlc.exe, verze: 2.1.3.0, časové razítko: 0x00000004
Kód
výjimky: 0xc0000005 Posun chyby: 0x00001a8f ID chybujícího procesu: 0x1290 Čas spuštění
chybující aplikace: 0x01cf7ce3b6132b1f Cesta k chybující aplikaci: C:\Program Files
(x86)\VideoLAN\VLC\vlc.exe Cesta k chybujícímu modulu: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
ID
zprávy: 491ea284-e8d8-11e3-b522-448a5b9c0eab

Error - 1.6.2014 1:45:43 | Computer Name = huld4-PC | Source = WinMgmt | ID = 10
Description =

Error - 1.6.2014 3:03:09 | Computer Name = huld4-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vlc.exe, verze: 2.1.3.0, časové razítko:
0x00000004 Název chybujícího modulu: vlc.exe, verze: 2.1.3.0, časové razítko: 0x00000004
Kód
výjimky: 0xc0000005 Posun chyby: 0x00001a8f ID chybujícího procesu: 0x133c Čas spuštění
chybující aplikace: 0x01cf7d5cc98cf738 Cesta k chybující aplikaci: C:\Program Files
(x86)\VideoLAN\VLC\vlc.exe Cesta k chybujícímu modulu: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
ID
zprávy: c952c8e5-e95a-11e3-98b0-448a5b9c0eab

Error - 1.6.2014 9:48:33 | Computer Name = huld4-PC | Source = WinMgmt | ID = 10
Description =

Error - 1.6.2014 16:03:54 | Computer Name = huld4-PC | Source = WinMgmt | ID = 10
Description =

Error - 1.6.2014 16:07:34 | Computer Name = huld4-PC | Source = WinMgmt | ID = 10
Description =

Error - 2.6.2014 11:06:22 | Computer Name = huld4-PC | Source = WinMgmt | ID = 10
Description =

Error - 2.6.2014 11:28:20 | Computer Name = huld4-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Hearthstone.exe, verze: 1.0.0.5506, časové
razítko: 0x5321f827 Název chybujícího modulu: Connect.DLL_unloaded, verze: 0.0.0.0,
časové razítko: 0x537434ca Kód výjimky: 0xc000041d Posun chyby: 0x1024dde0 ID chybujícího
procesu: 0x10e4 Čas spuštění chybující aplikace: 0x01cf7e7707fca239 Cesta k chybující
aplikaci: C:\Program Files (x86)\Hearthstone\Hearthstone.exe Cesta k chybujícímu
modulu: Connect.DLL ID zprávy: 86c13ef3-ea6a-11e3-a1e6-448a5b9c0eab

Error - 2.6.2014 11:36:49 | Computer Name = huld4-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.6.2014 10:44:13 | Computer Name = huld4-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 30.5.2014 18:13:00 | Computer Name = huld4-PC | Source = Service Control Manager | ID = 7023
Description = Služba Superfetch byla ukončena s následující chybou: %%1062

Error - 31.5.2014 7:19:44 | Computer Name = huld4-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (12:51:36, ?31.?5.?2014) bylo neočekávané.


< End of report >

Re: kontrola logu

Napsal: 03 čer 2014 17:26
od Márty84
:???: Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze :?:


:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: kontrola logu

Napsal: 03 čer 2014 18:19
od huld4
Je to uz asi novejsi verze....takze kompeltni bude asi ted SCAN HROZEB? Je to tak ?

edit:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 3.6.2014
Čas skenování: 19:33:20
Protokol: aaa.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.06.03.06
Databáze rootkitů: v2014.06.02.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: huld4

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 361191
Uplynulý čas: 28 min, 25 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 2
PUP.Optional.Conduit.A, C:\Users\huld4\AppData\Local\Temp\26a5216a-6469-469b-9b7d-b9e6ac70af09\bsplayer.exe, , [971bbab93c3f290d37711a2c966acc34],
PUP.Optional.OpenCandy, D:\Download\mumble-1.2.4.exe, , [c5ed3e35601b0234fc01b7d430d402fe],

Fyzické sektory: 0
(No malicious items detected)


(end)

Re: kontrola logu

Napsal: 04 čer 2014 09:12
od Márty84
huld4 píše:Je to uz asi novejsi verze....takze kompeltni bude asi ted SCAN HROZEB? Je to tak ?
Je to tak.


Ale nejak nevidim odpoved na svou otazku :?:

Re: kontrola logu

Napsal: 04 čer 2014 10:07
od huld4
Ano, neplete te se. Prave si nejsem jisty jestli me tam neco nehodil aktivator.

Avira me nasla nejake skryte objekty v souboru viz. screen nize.

http://i.imgur.com/u8F04aG.png

Re: kontrola logu

Napsal: 04 čer 2014 17:38
od Márty84
huld4 píše:Ano, neplete te se.
Ja vim, ja to v tom logu vidim :( Tak aspon jste to priznal. No a pravidla fora jste cetl? :boxed:


http://forum.viry.cz/viewtopic.php?f=12&t=115512
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
:42:



21.6. :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz