VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC1 at 2014-06-23 13:53:19
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 367 GB (81%) free of 454 GB
Total RAM: 8126 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:53:21, on 23. 6. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
D:\STEAM\Steam.exe
C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OSCAR Editor\OscarData\Tools\MyShowMessage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\PC1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.org # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.org # misleading site
O2 - BHO: CrossriderApp0032850 - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [avgnt] "D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "D:\STEAM\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\PROGRAMY\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_S186F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRAMY\OFFICE\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRAMY\OFFICE\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: ESL Wire Helper Service (EslWireHelper) - Unknown owner - D:\PROGRAMY\ESLWIRE\EslWire\service\WireHelperSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12831 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avguard.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
D:\PROGRAMY\ESLWIRE\EslWire\service\WireHelperSvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"D:\STEAM\Steam.exe" -silent
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\OSCAR Editor\OscarData\Tools\MyShowMessage.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000004ac
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 6444df58-eab3-4f73-8d56-9a0ca11c9d23 0
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1152575992-369894229-1391088300-1014690930-176781883-1703343709-489496895586097440
\??\C:\Windows\system32\conhost.exe "12152241331824860380-21865855177152766-486987567-14646876671816968129665159640
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical

"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3208.0.833678044\41166181" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x1183 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3208.3.1525373920\1126706752" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_71/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3208.5.89333366\1469735613" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3208.6.1310470850\518846330" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\PC1\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HDvid-Codec V9.0-chromeinstaller.job - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-chromeinstaller.exe /rawdata=pAOYEbv/4QST8fCKYeC4TvVK7R85Xmi8cQT2ourU49PWLRLQQSUf76StDRKdVmNHStqTL2JwkSH2qeE6paswI1GS77pQhWdiryByYfSFAmivRN98CZFlTBWYSpSxQHlwuu06ookyfMb6mOFHFL8PhZuCBU+IgeBQCUe20UuwWLuf5u//AuIy+lMPD6rlhS1zRmMfZvoodXdPv14LK+cj/NQNsSdj0GxwGX3olIfZYLDi5ZLCdOpjOjXQdJonzuT4XBfRrKGWxZr4J8BCDuCE3sJednNYL1ZKSL7BJrpPxPm5nuEm6R2U2kcd5hZIW9hHQybw+BVW+HR+8ZgdGrUD/J+jUZ7ecIVadZBZFZ04ZAWFzvVbt1PAaoEzXb2ToyVZuUxK4n05t5zFN7sGVSz4QOgACMP7IuCJXL65EbpoBvWD02GMazZ5/ehKrCcAy2C2XaS1NDx2oDZk6jk6+jOTBU+njvEfTZvPJjLyDhD1xUKzuqtEl1MGKo1CDcuog/4deaPaf3a29PCvNItZJgnBi3pNkxBVCkfh4CH5MZUjc9erAuFhiJBLOs9q8r3ux8juAMnd7nDEBxLHMuCwFE0dapTCqo8l9JVYcN2TezZmtIFcKbASiR2Ts4ZDORnS5zLnGh9sionZt1b2q5CoKIc7+h2hI5whS1sgMZCklXkLK58d+vtiotKzJDFNrswy2/1Qn6Bk1SfsfhAAXkJsr5AN3qiz3XOjtGRGkXDQ5t8rTOu5j8bHUaJgdQUF3s0koUQvdDvdM4fbDNVrbb9iHjYbMuxfnWj87sP5CqhY0ZocBXGS+5HOtwAo6s175Ug8aHV7mqzJ1jhjEk1suXYWpwm0vFV4+i1gipNEHCzZOialEE3UM4Id2aL1rIc0pPcKfejAATINV/PGvJPF+shkA/nNisXS0Pehq8ZC7qbv3DUpyCq4VogQRyOADgLbvnd2jIhwxAJqPecFKFX/ToRWs9o5QsEvYMRcqQ8UfFJNfLzJMMOby8EEDGcycq22Rrwv1Q5auACkzhN17gkSIhhVAq4+NhvxPt+it4MYkzSFQWkcJQ25+dKdDZW2KmBbUkt1SNwBI9lpREHG2iU9nUiMXYtHxS91qVsv57lexHEaSoHKiRWckdveQXfRBnnoCqIKxdtgqRxSDEgESODXttwO6QHbjZIeiUGJIeW6pD1uU7lamHSV5FlHRUHohC3IkK37PzBngxeQoCOJmcbZg5kZgptk/qOZxrTeQi9yCKi8CHgJ9Udr/NVw527RSTXio9ady9kMpUOPrQw2zvA/et00s+a11716YvEDGgWTehKCGDh0OlPGVeRfgMYvF1Vhd7DLaO5MYt63g8DfPBOcgD2miQbcYQ==
C:\Windows\tasks\HDvid-Codec V9.0-firefoxinstaller.job - C:\Program Files (x86)\HDvid-Codec V9.0\HDvid-Codec V9.0-firefoxinstaller.exe /installxpi /agentregpath='HDvid-Codec V9.0' /extensionfilepath='C:\Program Files (x86)\HDvid-Codec V9.0\51356.xpi' /appid=51356 /srcid='001063' /subid='0' /zdata='0' /bic=73F120668BAF49C68AF80AD49DF2BAC5IE /verifier=d27ef738294efa126c1daea47149ce90 /installerversion=1_34_3_6 /installerfullversion=1.34.3.6 /installationtime=1395503249 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com /extensionversion=0.94 /prefsbranch=afca3238e0f5246348e93c36d211b2ea9c1c012cf93b0488ea2c5453d23bec199com51356 /updateurl=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /51356.rdf /extensionname='HDvid-Codec V9.0' /extensiondesc='HDVid Codec - Enjoy the future of internet video with High Definition' /publishername='installdaddy' /defbro=ch /allusers /allprofiles /checkfflist /autoupdateulr='http://update.srvstatsdata.com/ff_agent ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\Object Browser-chromeinstaller.job - C:\Program Files (x86)\Object Browser\Object Browser-chromeinstaller.exe /installcrx /agentregpath='Object Browser' /extensionfilepath='C:\Program Files (x86)\Object Browser\32850.crx' /appid=32850 /srcid='000046' /subid='0' /zdata='0' /bic=73F120668BAF49C68AF80AD49DF2BAC5IE /verifier=d27ef738294efa126c1daea47149ce90 /installerversion=1_29_153 /installerfullversion=1.29.153.0 /installationtime=1382705940 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=kfgaibfbmkjgmimhbbaikfnpkkjkpoan /extensionversion=1.25.78 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChVspBKQDtP1js5lQOwlDjLPTfd51wjSsBNjs8EKOIidN01BDIgmdN3lmNlymhPeAw0YavDUkSQlzDvmacRNKSTqN69v0qz1ECADM9L8ci9qa1ij8WtXpccHqlc8AVdnN08Mnpo4QC6TFDVAF/oMg4QOdvRjr226ThHiCd02w3BQIDAQAB /allusers /allprofiles /externallog=''
C:\Windows\tasks\Object Browser-codedownloader.job - C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe /reinstallapp /agentregpath='Object Browser' /appid=32850 /srcid='000046' /subid='0' /zdata='0' /bic=73F120668BAF49C68AF80AD49DF2BAC5IE /verifier=d27ef738294efa126c1daea47149ce90 /installerversion=1_29_153 /installerfullversion=1.29.153.0 /installationtime=1382705940 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /codedownloaddomain=http://app-static.crossrider.com /allusers /externallog=''
C:\Windows\tasks\Object Browser-enabler.job - C:\Program Files (x86)\Object Browser\Object Browser-enabler.exe /enablebho /agentregpath='Object Browser' /appid=32850 /srcid='000046' /subid='0' /zdata='0' /bic=73F120668BAF49C68AF80AD49DF2BAC5IE /verifier=d27ef738294efa126c1daea47149ce90 /installerversion=1_29_153 /installationtime=1382705940 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110311281150 /allusers /externallog=''
C:\Windows\tasks\Object Browser-updater.job - C:\Program Files (x86)\Object Browser\Object Browser-updater.exe /runupdater /agentregpath='Object Browser' /appid=32850 /srcid='000046' /subid='0' /zdata='0' /bic=73F120668BAF49C68AF80AD49DF2BAC5IE /verifier=d27ef738294efa126c1daea47149ce90 /installerversion=1_29_153 /installationtime=1382705940 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /monetizationdomain=http://stats.syncstatsdata.com /geoserviceurl=http://ipgeoapi.com/ /updatejsondomain=http://update.srvstatsdata.com /updaterversion=2 /externallog=''

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}]
Object Browser - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll [2013-10-25 958320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-04 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-04 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}]
Object Browser - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll [2013-10-25 593776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\STEAM\steam.exe [2014-05-29 1754816]
"DAEMON Tools Lite"=D:\PROGRAMY\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"EPSON Stylus DX7400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE [2007-04-12 213504]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2008-07-30 2865152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-10 5015040]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-07-19 133440]
"avgnt"=D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avgnt.exe [2014-06-03 737872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-18 14:10:19 ----SD---- C:\Windows\system32\CompatTel
2014-06-18 14:05:39 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-06-18 14:05:39 ----A---- C:\Windows\system32\wmploc.DLL
2014-06-18 14:05:38 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-06-18 14:05:38 ----A---- C:\Windows\system32\wmp.dll
2014-06-18 13:59:48 ----D---- C:\Windows\Migration
2014-06-18 13:56:48 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-06-18 13:52:38 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-06-18 13:52:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-18 13:52:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-18 13:52:36 ----A---- C:\Windows\system32\elshyph.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\url.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-18 13:52:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\wininet.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\urlmon.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-06-18 13:52:35 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-18 13:52:35 ----A---- C:\Windows\system32\msrating.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\msls31.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\mshtmler.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\msfeedssync.exe
2014-06-18 13:52:35 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\jsIntl.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\jscript9.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\ieui.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\iesysprep.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\iertutil.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\ieframe.dll
2014-06-18 13:52:35 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\wextract.exe
2014-06-18 13:52:34 ----A---- C:\Windows\system32\webcheck.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\vbscript.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\url.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\pngfilt.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\occache.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\mshtml.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\mshta.exe
2014-06-18 13:52:34 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\licmgr10.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\jscript.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\inseng.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\imgutil.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\iexpress.exe
2014-06-18 13:52:34 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-18 13:52:34 ----A---- C:\Windows\system32\iesetup.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\iernonce.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\iepeers.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-18 13:52:34 ----A---- C:\Windows\system32\iedkcs32.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\ieapfltr.dat
2014-06-18 13:52:34 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-18 13:52:34 ----A---- C:\Windows\system32\icardie.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-18 13:52:34 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-18 13:51:07 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2014-06-18 13:51:07 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\XpsPrint.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\WMPhoto.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\UIAnimation.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\FntCache.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\dxgi.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\DWrite.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\d3d10warp.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\d3d10level9.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\d3d10core.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\d3d10_1.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\d3d10.dll
2014-06-18 13:51:07 ----A---- C:\Windows\system32\d2d1.dll
2014-06-18 13:21:10 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-06-18 13:21:10 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-06-18 13:21:10 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-06-18 13:21:10 ----A---- C:\Windows\system32\RMActivate.exe
2014-06-18 13:21:09 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-06-18 13:21:09 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-06-18 13:21:09 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-06-18 13:21:09 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-06-18 13:21:09 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-06-18 13:21:09 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-06-18 13:21:09 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-06-18 13:21:09 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-06-18 13:21:09 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-06-18 13:21:09 ----A---- C:\Windows\system32\secproc_isv.dll
2014-06-18 13:21:09 ----A---- C:\Windows\system32\secproc.dll
2014-06-18 13:21:09 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-18 13:21:09 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-06-18 13:21:09 ----A---- C:\Windows\system32\msdrm.dll
2014-06-18 13:21:05 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-06-18 13:21:05 ----A---- C:\Windows\system32\d3d11.dll
2014-06-18 13:21:01 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-06-18 13:21:01 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-06-18 13:21:00 ----A---- C:\Windows\system32\shell32.dll
2014-06-18 13:20:59 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-06-18 13:20:56 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-06-18 13:20:56 ----A---- C:\Windows\system32\tzres.dll
2014-06-18 13:20:55 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-06-18 13:20:55 ----A---- C:\Windows\system32\rpcrt4.dll
2014-06-18 13:20:54 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-18 13:20:53 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-06-18 13:20:53 ----A---- C:\Windows\system32\imagehlp.dll
2014-06-18 13:20:50 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-06-18 13:20:50 ----A---- C:\Windows\system32\qedit.dll
2014-06-18 13:20:49 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-06-18 13:20:49 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-06-18 13:20:47 ----A---- C:\Windows\system32\aepdu.dll
2014-06-18 13:20:47 ----A---- C:\Windows\system32\aeinv.dll
2014-06-18 13:20:44 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-06-18 13:20:44 ----A---- C:\Windows\system32\iologmsg.dll
2014-06-18 13:20:44 ----A---- C:\Windows\system32\drivers\storport.sys
2014-06-18 13:20:44 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-06-18 13:20:44 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-06-18 13:20:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-06-18 13:20:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-06-18 13:20:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-06-18 13:20:24 ----A---- C:\Windows\system32\schannel.dll
2014-06-18 13:20:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-06-18 13:20:24 ----A---- C:\Windows\system32\lsasrv.dll
2014-06-18 13:20:24 ----A---- C:\Windows\system32\kerberos.dll
2014-06-18 13:20:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-06-18 13:20:23 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-06-18 13:20:23 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-06-18 13:20:23 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-06-18 13:20:23 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-06-18 13:20:23 ----A---- C:\Windows\system32\winlogon.exe
2014-06-18 13:20:23 ----A---- C:\Windows\system32\TSpkg.dll
2014-06-18 13:20:23 ----A---- C:\Windows\system32\objsel.dll
2014-06-18 13:20:23 ----A---- C:\Windows\system32\msv1_0.dll
2014-06-18 13:20:23 ----A---- C:\Windows\system32\KernelBase.dll
2014-06-18 13:20:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-06-18 13:20:23 ----A---- C:\Windows\system32\drivers\cng.sys
2014-06-18 13:20:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-06-18 13:20:22 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-06-18 13:20:22 ----A---- C:\Windows\system32\wdigest.dll
2014-06-18 13:20:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-06-18 13:20:21 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-06-18 13:20:21 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-06-18 13:20:21 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-06-18 13:20:21 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-06-18 13:20:21 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-06-18 13:20:21 ----A---- C:\Windows\system32\smss.exe
2014-06-18 13:20:21 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-06-18 13:20:21 ----A---- C:\Windows\system32\dimsroam.dll
2014-06-18 13:20:21 ----A---- C:\Windows\system32\csrsrv.dll
2014-06-18 13:20:21 ----A---- C:\Windows\system32\cngprovider.dll
2014-06-18 13:20:21 ----A---- C:\Windows\system32\capiprovider.dll
2014-06-18 13:20:21 ----A---- C:\Windows\system32\adprovider.dll
2014-06-18 13:20:20 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-06-18 13:20:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-06-18 13:20:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-06-18 13:20:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-06-18 13:20:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-06-18 13:20:20 ----A---- C:\Windows\system32\wincredprovider.dll
2014-06-18 13:20:20 ----A---- C:\Windows\system32\sspisrv.dll
2014-06-18 13:20:20 ----A---- C:\Windows\system32\sspicli.dll
2014-06-18 13:20:20 ----A---- C:\Windows\system32\secur32.dll
2014-06-18 13:20:20 ----A---- C:\Windows\system32\ncrypt.dll
2014-06-18 13:20:20 ----A---- C:\Windows\system32\lsass.exe
2014-06-18 13:20:20 ----A---- C:\Windows\system32\credssp.dll
2014-06-18 13:20:20 ----A---- C:\Windows\system32\apisetschema.dll
2014-06-18 13:20:09 ----A---- C:\Windows\system32\consent.exe
2014-06-18 13:20:09 ----A---- C:\Windows\system32\appinfo.dll
2014-06-18 13:20:06 ----A---- C:\Windows\SYSWOW64\tdh.dll
2014-06-18 13:20:06 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-06-18 13:20:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-06-18 13:20:06 ----A---- C:\Windows\system32\tdh.dll
2014-06-18 13:20:06 ----A---- C:\Windows\system32\ntdll.dll
2014-06-18 13:20:06 ----A---- C:\Windows\system32\advapi32.dll
2014-06-18 13:20:04 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-06-18 13:20:04 ----A---- C:\Windows\system32\shdocvw.dll
2014-06-18 13:20:01 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-06-18 13:20:01 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2014-06-18 13:20:01 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2014-06-18 13:20:01 ----A---- C:\Windows\system32\nlasvc.dll
2014-06-18 13:20:01 ----A---- C:\Windows\system32\netcorehc.dll
2014-06-18 13:20:01 ----A---- C:\Windows\system32\ncsi.dll
2014-06-18 13:20:01 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-06-18 13:20:00 ----A---- C:\Windows\SYSWOW64\netevent.dll
2014-06-18 13:20:00 ----A---- C:\Windows\system32\nlaapi.dll
2014-06-18 13:20:00 ----A---- C:\Windows\system32\netevent.dll
2014-06-18 13:20:00 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-06-18 13:19:58 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-06-18 13:19:58 ----A---- C:\Windows\SYSWOW64\certenc.dll
2014-06-18 13:19:58 ----A---- C:\Windows\system32\certutil.exe
2014-06-18 13:19:58 ----A---- C:\Windows\system32\certenc.dll
2014-06-18 13:19:50 ----A---- C:\Windows\system32\crypt32.dll
2014-06-18 13:19:49 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-06-18 13:19:49 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-06-18 13:19:49 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-06-18 13:19:49 ----A---- C:\Windows\system32\cryptsvc.dll
2014-06-18 13:19:49 ----A---- C:\Windows\system32\cryptnet.dll
2014-06-18 13:19:44 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2014-06-18 13:19:44 ----A---- C:\Windows\system32\cryptdlg.dll
2014-06-18 13:19:41 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-18 13:19:41 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-18 13:19:41 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-18 13:19:41 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-18 13:19:41 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-18 13:19:41 ----A---- C:\Windows\system32\msxml6.dll
2014-06-18 13:19:41 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-18 13:19:41 ----A---- C:\Windows\system32\msxml3.dll
2014-06-18 13:19:39 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-06-18 13:19:39 ----A---- C:\Windows\system32\wintrust.dll
2014-06-18 13:19:34 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-06-18 13:19:34 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-06-18 13:19:34 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-06-18 13:19:34 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-06-18 13:19:30 ----A---- C:\Windows\system32\OxpsConverter.exe
2014-06-18 13:19:28 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-06-18 13:19:28 ----A---- C:\Windows\SYSWOW64\credui.dll
2014-06-18 13:19:28 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-06-18 13:19:28 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-06-18 13:19:28 ----A---- C:\Windows\system32\credui.dll
2014-06-18 13:19:28 ----A---- C:\Windows\system32\authui.dll
2014-06-18 13:19:03 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-06-18 13:17:16 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-06-18 13:17:10 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-06-18 13:17:10 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-06-18 13:17:10 ----A---- C:\Windows\system32\cdd.dll
2014-06-18 13:17:09 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-06-18 13:17:09 ----A---- C:\Windows\system32\mswsock.dll
2014-06-18 13:17:08 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-18 13:17:08 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-06-18 13:17:08 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-06-18 13:17:08 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-06-18 13:17:08 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-06-18 13:17:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-06-18 13:17:08 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-18 13:17:08 ----A---- C:\Windows\system32\lpk.dll
2014-06-18 13:17:08 ----A---- C:\Windows\system32\fontsub.dll
2014-06-18 13:17:08 ----A---- C:\Windows\system32\dciman32.dll
2014-06-18 13:17:08 ----A---- C:\Windows\system32\atmlib.dll
2014-06-18 13:17:08 ----A---- C:\Windows\system32\atmfd.dll
2014-06-18 13:17:07 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-06-18 13:17:07 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-06-18 13:17:07 ----A---- C:\Windows\system32\wer.dll
2014-06-18 13:17:07 ----A---- C:\Windows\system32\gdi32.dll
2014-06-18 13:16:56 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-06-18 13:16:43 ----A---- C:\Windows\system32\win32k.sys
2014-06-18 13:16:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-18 13:16:40 ----A---- C:\Windows\system32\drivers\netio.sys
2014-06-18 13:16:40 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-18 13:16:35 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-06-18 13:16:35 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-06-18 13:16:35 ----A---- C:\Windows\system32\WebClnt.dll
2014-06-18 13:16:35 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-06-18 13:16:35 ----A---- C:\Windows\system32\davclnt.dll
2014-06-18 13:16:34 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-06-18 13:16:34 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-06-18 13:16:34 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-06-18 13:16:34 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-06-18 13:16:34 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-06-18 13:16:34 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-06-18 13:16:34 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-18 13:16:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-18 13:16:31 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-06-18 13:16:31 ----A---- C:\Windows\SYSWOW64\user.exe
2014-06-18 13:16:31 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-06-18 13:16:31 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-06-18 13:16:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-06-18 13:16:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-06-18 13:16:31 ----A---- C:\Windows\system32\wow64win.dll
2014-06-18 13:16:31 ----A---- C:\Windows\system32\wow64cpu.dll
2014-06-18 13:16:31 ----A---- C:\Windows\system32\wow64.dll
2014-06-18 13:16:31 ----A---- C:\Windows\system32\winsrv.dll
2014-06-18 13:16:31 ----A---- C:\Windows\system32\ntvdm64.dll
2014-06-18 13:16:31 ----A---- C:\Windows\system32\kernel32.dll
2014-06-18 13:16:31 ----A---- C:\Windows\system32\conhost.exe
2014-06-18 13:16:29 ----A---- C:\Windows\system32\scavengeui.dll
2014-06-18 13:16:27 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-06-18 13:16:27 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-06-18 13:16:27 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-06-18 13:16:27 ----A---- C:\Windows\system32\wscript.exe
2014-06-18 13:16:27 ----A---- C:\Windows\system32\scrrun.dll
2014-06-18 13:16:27 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2014-06-18 13:16:27 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-06-18 13:16:27 ----A---- C:\Windows\system32\cscript.exe
2014-06-18 13:16:26 ----A---- C:\Windows\system32\usp10.dll
2014-06-18 13:16:25 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-18 13:16:25 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-06-18 13:16:25 ----A---- C:\Windows\system32\msieftp.dll
2014-06-18 13:16:22 ----A---- C:\Windows\system32\drivers\afd.sys
2014-06-18 13:16:21 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-06-18 13:16:21 ----A---- C:\Windows\system32\win32spl.dll
2014-06-18 13:16:20 ----A---- C:\Windows\system32\taskhost.exe
2014-06-18 13:16:20 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-06-18 13:16:19 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-06-18 13:16:19 ----A---- C:\Windows\system32\drivers\usbscan.sys
2014-06-18 13:16:19 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-06-18 13:16:19 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-06-18 13:16:19 ----A---- C:\Windows\system32\comctl32.dll
2014-06-18 13:16:18 ----A---- C:\Windows\system32\wwansvc.dll
2014-06-18 13:16:18 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-06-18 13:16:17 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-06-18 13:11:50 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-06-18 13:11:49 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-06-18 13:11:49 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-06-18 13:11:49 ----A---- C:\Windows\system32\nshwfp.dll
2014-06-18 13:11:49 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-06-03 00:54:58 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-06-03 00:54:58 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-06-03 00:54:41 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-06-03 00:54:41 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-06-03 00:52:49 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-06-03 00:48:48 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\nvopencl.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\nvoglv64.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\nvinitx.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\NvIFR64.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\NvFBC64.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-06-03 00:48:48 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-06-03 00:48:47 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-06-03 00:48:47 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-06-03 00:48:47 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-06-03 00:48:47 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-06-03 00:48:47 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-06-03 00:48:47 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-06-03 00:48:47 ----A---- C:\Windows\system32\nvcuvid.dll
2014-06-03 00:48:47 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-06-03 00:48:47 ----A---- C:\Windows\system32\nvcuda.dll
2014-06-03 00:48:45 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-06-03 00:48:45 ----A---- C:\Windows\system32\nvcompiler.dll

======List of files/folders modified in the last 1 month======

2014-06-23 13:53:21 ----D---- C:\Program Files\trend micro
2014-06-23 13:53:20 ----D---- C:\Windows\temp
2014-06-23 13:50:00 ----D---- C:\Users\PC1\AppData\Roaming\uTorrent
2014-06-23 13:49:53 ----D---- C:\Windows\Panther
2014-06-23 13:49:53 ----D---- C:\Windows\inf
2014-06-23 13:49:52 ----D---- C:\Windows\Logs
2014-06-23 13:49:52 ----D---- C:\Windows\debug
2014-06-23 13:49:52 ----D---- C:\Windows
2014-06-23 13:48:31 ----D---- C:\Windows\Prefetch
2014-06-23 11:50:38 ----D---- C:\Windows\System32
2014-06-23 11:50:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-23 11:46:48 ----A---- C:\Windows\SYSWOW64\log.txt
2014-06-23 11:44:16 ----D---- C:\ProgramData\NVIDIA
2014-06-22 23:20:19 ----D---- C:\Users\PC1\AppData\Roaming\TS3Client
2014-06-20 15:23:11 ----D---- C:\Windows\system32\config
2014-06-19 23:17:01 ----SHD---- C:\Windows\Installer
2014-06-19 23:12:48 ----RD---- C:\Program Files (x86)
2014-06-18 20:37:15 ----D---- C:\Windows\rescache
2014-06-18 19:27:35 ----D---- C:\Windows\Microsoft.NET
2014-06-18 17:59:45 ----RSD---- C:\Windows\assembly
2014-06-18 14:15:15 ----D---- C:\Windows\winsxs
2014-06-18 14:10:48 ----D---- C:\Windows\SysWOW64
2014-06-18 14:10:48 ----D---- C:\Program Files\Windows Media Player
2014-06-18 14:10:48 ----D---- C:\Program Files (x86)\Windows Media Player
2014-06-18 14:10:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-06-18 14:10:45 ----D---- C:\Windows\system32\cs-CZ
2014-06-18 14:10:44 ----D---- C:\Program Files\Internet Explorer
2014-06-18 14:10:44 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-18 14:10:42 ----D---- C:\Windows\SYSWOW64\migration
2014-06-18 14:10:42 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-18 14:10:40 ----D---- C:\Windows\system32\migration
2014-06-18 14:10:40 ----D---- C:\Windows\system32\en-US
2014-06-18 14:10:40 ----D---- C:\Windows\PolicyDefinitions
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\zh-TW
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\zh-HK
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\zh-CN
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\tr-TR
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\sv-SE
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\ru-RU
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\pt-PT
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\pt-BR
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\pl-PL
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\nb-NO
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\ko-KR
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\ja-JP
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\it-IT
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\hu-HU
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\fr-FR
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\fi-FI
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\es-ES
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\el-GR
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\de-DE
2014-06-18 14:10:38 ----D---- C:\Windows\SYSWOW64\da-DK
2014-06-18 14:10:37 ----D---- C:\Windows\system32\zh-TW
2014-06-18 14:10:37 ----D---- C:\Windows\system32\zh-HK
2014-06-18 14:10:37 ----D---- C:\Windows\system32\zh-CN
2014-06-18 14:10:37 ----D---- C:\Windows\system32\tr-TR
2014-06-18 14:10:37 ----D---- C:\Windows\system32\sv-SE
2014-06-18 14:10:37 ----D---- C:\Windows\system32\ru-RU
2014-06-18 14:10:37 ----D---- C:\Windows\system32\pt-PT
2014-06-18 14:10:37 ----D---- C:\Windows\system32\pt-BR
2014-06-18 14:10:37 ----D---- C:\Windows\system32\pl-PL
2014-06-18 14:10:37 ----D---- C:\Windows\system32\nl-NL
2014-06-18 14:10:37 ----D---- C:\Windows\system32\nb-NO
2014-06-18 14:10:37 ----D---- C:\Windows\system32\ko-KR
2014-06-18 14:10:37 ----D---- C:\Windows\system32\ja-JP
2014-06-18 14:10:37 ----D---- C:\Windows\system32\it-IT
2014-06-18 14:10:37 ----D---- C:\Windows\system32\hu-HU
2014-06-18 14:10:37 ----D---- C:\Windows\system32\fr-FR
2014-06-18 14:10:37 ----D---- C:\Windows\system32\fi-FI
2014-06-18 14:10:37 ----D---- C:\Windows\system32\es-ES
2014-06-18 14:10:37 ----D---- C:\Windows\system32\el-GR
2014-06-18 14:10:37 ----D---- C:\Windows\system32\de-DE
2014-06-18 14:10:37 ----D---- C:\Windows\system32\da-DK
2014-06-18 14:10:37 ----D---- C:\Windows\AppPatch
2014-06-18 14:10:34 ----D---- C:\Windows\system32\drivers
2014-06-18 14:10:32 ----D---- C:\Program Files\Windows Defender
2014-06-18 14:10:32 ----D---- C:\Program Files (x86)\Windows Defender
2014-06-18 14:10:19 ----D---- C:\Program Files\Windows Journal
2014-06-18 14:10:09 ----D---- C:\Windows\system32\DriverStore
2014-06-18 14:08:02 ----D---- C:\Windows\system32\MRT
2014-06-18 14:05:57 ----D---- C:\Windows\system32\catroot2
2014-06-18 14:05:57 ----D---- C:\Windows\system32\catroot
2014-06-18 14:01:07 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-06-18 13:59:48 ----SD---- C:\ProgramData\Microsoft
2014-06-18 13:21:32 ----SHD---- C:\System Volume Information
2014-06-18 12:47:40 ----D---- C:\ProgramData\Origin
2014-06-18 12:47:40 ----D---- C:\ProgramData\Electronic Arts
2014-06-18 12:43:06 ----D---- C:\Windows\system32\Tasks
2014-06-18 12:43:05 ----D---- C:\Windows\Tasks
2014-06-03 00:54:57 ----D---- C:\ProgramData\NVIDIA Corporation
2014-06-03 00:54:46 ----D---- C:\Program Files\NVIDIA Corporation
2014-06-03 00:54:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-06-03 00:53:12 ----D---- C:\Temp
2014-06-01 17:17:56 ----A---- C:\Windows\system32\MRT.exe
2014-05-30 23:26:31 ----D---- C:\Users\PC1\AppData\Roaming\vlc
2014-05-30 01:07:51 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-05-30 01:07:38 ----A---- C:\Windows\system32\nvspcap64.dll
2014-05-28 23:34:32 ----D---- C:\Users\PC1\AppData\Roaming\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ESLWireAC;ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [2013-09-25 156176]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-25 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-10 283200]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-06-03 112080]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-03 62784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-13 726160]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-12 2182768]
S3 ESEADriver2;ESEADriver2; \??\C:\Users\PC1\AppData\Local\Temp\ESEADriver2.sys []
S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow; C:\Windows\system32\DRIVERS\hidusbf.sys [2009-02-11 6784]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AntiVirService;Avira Real-Time Protection; D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avguard.exe [2014-06-03 430160]
R2 AntiVirSchedulerService;Avira Scheduler; D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\sched.exe [2014-06-03 430160]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 EslWireHelper;ESL Wire Helper Service; D:\PROGRAMY\ESLWIRE\EslWire\service\WireHelperSvc.exe [2013-06-11 663056]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-12 27760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-10 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-10 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-18 111616]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-13 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravím!
Jak je na tom váš oper. systém s legalitou?

Je legálny aspon dúfam odkedy som PC kúpil bol už nainštalovany win a nič som s ním nerobil aktualizujem tak raz za 2 mesiace a všetko ide

OK. Zkusíme tento postup:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

OTL logfile created on: 24. 6. 2014 19:41:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC1\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

7,94 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 74,50% Memory free
15,87 Gb Paging File | 13,20 Gb Available in Paging File | 83,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,13 Gb Total Space | 354,55 Gb Free Space | 80,01% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 452,99 Gb Free Space | 92,77% Space Free | Partition Type: NTFS

Computer Name: BAŠNO | User Name: PC1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/24 19:40:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC1\Desktop\OTL.exe
PRC - [2014/06/19 23:12:40 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/06/03 11:54:51 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\sched.exe
PRC - [2014/06/03 11:54:32 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/06/03 11:54:31 | 000,737,872 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/05/30 01:35:33 | 002,352,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/05/30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/05/29 19:36:48 | 001,754,816 | ---- | M] (Valve Corporation) -- D:\STEAM\Steam.exe
PRC - [2014/05/20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/07/02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/19 20:00:54 | 000,365,376 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/19 20:00:52 | 000,277,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/19 20:00:28 | 000,166,720 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/05/21 10:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe


========== Modules (No Company Name) ==========

MOD - [2014/06/05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 15:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014/05/29 19:37:34 | 002,139,840 | ---- | M] () -- D:\STEAM\video.dll
MOD - [2014/05/29 19:36:54 | 001,116,864 | ---- | M] () -- D:\STEAM\bin\chromehtml.dll
MOD - [2014/05/17 03:36:10 | 000,756,224 | ---- | M] () -- D:\STEAM\SDL2.dll
MOD - [2014/05/02 01:35:22 | 020,628,160 | ---- | M] () -- D:\STEAM\bin\libcef.dll
MOD - [2014/04/30 02:08:08 | 001,135,104 | ---- | M] () -- D:\STEAM\libavcodec-55.dll
MOD - [2014/04/30 02:08:08 | 000,471,552 | ---- | M] () -- D:\STEAM\libavutil-53.dll
MOD - [2014/04/30 02:08:08 | 000,404,992 | ---- | M] () -- D:\STEAM\libavformat-55.dll
MOD - [2014/04/30 02:08:08 | 000,340,992 | ---- | M] () -- D:\STEAM\libavresample-1.dll
MOD - [2014/04/29 02:37:22 | 000,519,168 | ---- | M] () -- D:\STEAM\libswscale-2.dll
MOD - [2013/06/15 01:49:12 | 001,100,800 | ---- | M] () -- D:\STEAM\bin\avcodec-53.dll
MOD - [2013/06/15 01:49:12 | 000,192,000 | ---- | M] () -- D:\STEAM\bin\avformat-53.dll
MOD - [2013/06/15 01:49:12 | 000,124,416 | ---- | M] () -- D:\STEAM\bin\avutil-51.dll
MOD - [2012/10/01 20:37:48 | 006,522,480 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/06/18 13:52:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/05/30 01:28:54 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/06/19 20:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/11/12 23:50:40 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/06/03 11:54:51 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/06/03 11:54:32 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/05/30 01:31:38 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/05/29 19:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/05/17 02:04:34 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/11 11:52:08 | 000,663,056 | ---- | M] () [Auto | Running] -- D:\PROGRAMY\ESLWIRE\EslWire\service\WireHelperSvc.exe -- (EslWireHelper)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/19 20:00:54 | 000,365,376 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/19 20:00:52 | 000,277,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/19 20:00:28 | 000,166,720 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/01/11 06:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/06/03 11:54:32 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014/06/03 11:54:31 | 000,112,080 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014/05/30 01:28:53 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/03/31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/11/25 22:14:02 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/09/25 23:18:14 | 000,156,176 | ---- | M] (<Turtle Entertainment>) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2013/01/10 10:56:07 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/07/03 01:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/13 08:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/05/21 10:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 10:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 10:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/12 23:50:34 | 002,182,768 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/11 13:25:02 | 000,006,784 | ---- | M] (SweetLow) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusbf.sys -- (hidusbf)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 3&tsp=5194
IE - HKU\S-1-5-21-2901934316-1854545542-611796736-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-2901934316-1854545542-611796736-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2901934316-1854545542-611796736-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.buenosearch.com/?q={searchTe ... 3&tsp=5194
IE - HKU\S-1-5-21-2901934316-1854545542-611796736-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb201/?se ... etnfo&i=26
IE - HKU\S-1-5-21-2901934316-1854545542-611796736-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\PC1\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox

[2013/01/10 11:01:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Disk Google = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: HÄľadaĹĄ v Google = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Object Browser = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.78_0\crossrider
CHR - Extension: Object Browser = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.78_0\
CHR - Extension: Peňaženka Google = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2013/04/23 19:09:38 | 000,001,337 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.com # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.info # misleading site
O1 - Hosts: 255.255.255.255 easyanticheat.org # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.org # misleading site
O2:64bit: - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll (Object Browser)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll (Object Browser)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [avgnt] D:\PROGRAMY\AVIRA\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2901934316-1854545542-611796736-1000..\Run: [DAEMON Tools Lite] D:\PROGRAMY\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2901934316-1854545542-611796736-1000..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_S186F.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-2901934316-1854545542-611796736-1000..\Run: [OscarEditor] C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe ()
O4 - HKU\S-1-5-21-2901934316-1854545542-611796736-1000..\Run: [Steam] D:\STEAM\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRAMY\OFFICE\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://D:\PROGRAMY\OFFICE\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRAMY\OFFICE\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRAMY\OFFICE\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65D4AFEA-6752-4694-BE76-9BFF1D111CBC}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/06/24 19:40:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\PC1\Desktop\OTL.exe
[2014/06/21 23:46:58 | 000,000,000 | ---D | C] -- C:\Users\PC1\Desktop\informatika
[2014/06/18 14:10:19 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/06/18 14:05:39 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/06/18 14:05:39 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/06/18 14:05:38 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/06/18 14:05:38 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/06/18 13:59:48 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/06/18 13:56:48 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/06/18 13:52:38 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/18 13:52:38 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/06/18 13:52:36 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/06/18 13:52:36 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/06/18 13:52:36 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/06/18 13:52:36 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/18 13:52:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/06/18 13:52:35 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/18 13:52:35 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/18 13:52:35 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/06/18 13:52:35 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/06/18 13:52:35 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/06/18 13:52:35 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/06/18 13:52:35 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/06/18 13:52:35 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/06/18 13:52:35 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/06/18 13:52:35 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/06/18 13:52:35 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/06/18 13:52:35 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/06/18 13:52:35 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/06/18 13:52:35 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/18 13:52:35 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/06/18 13:52:35 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/06/18 13:52:35 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/06/18 13:52:35 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/06/18 13:52:35 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/06/18 13:52:35 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/06/18 13:52:35 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/06/18 13:52:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/06/18 13:52:35 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/06/18 13:52:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/06/18 13:52:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/06/18 13:52:35 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/06/18 13:52:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/06/18 13:52:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/06/18 13:52:35 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/18 13:52:35 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/06/18 13:52:35 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/06/18 13:52:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/06/18 13:52:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/18 13:52:35 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/06/18 13:52:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/06/18 13:52:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/06/18 13:52:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/06/18 13:52:35 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/18 13:52:35 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/18 13:52:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/06/18 13:52:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/06/18 13:52:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/06/18 13:52:34 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/18 13:52:34 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/06/18 13:52:34 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/06/18 13:52:34 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/06/18 13:52:34 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/18 13:52:34 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/06/18 13:52:34 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/18 13:52:34 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/06/18 13:52:34 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/18 13:52:34 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/06/18 13:52:34 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/18 13:52:34 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/06/18 13:52:34 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/06/18 13:52:34 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/06/18 13:52:34 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/06/18 13:52:34 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/06/18 13:52:34 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/06/18 13:52:34 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/06/18 13:52:34 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/06/18 13:52:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/18 13:52:34 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/06/18 13:52:34 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/06/18 13:52:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/18 13:52:34 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/06/18 13:52:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/06/18 13:52:34 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/06/18 13:52:34 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/18 13:52:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/18 13:52:34 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/06/18 13:52:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/06/18 13:52:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/06/18 13:51:07 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/06/18 13:51:07 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/06/18 13:51:07 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/06/18 13:51:07 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/06/18 13:51:07 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/06/18 13:51:07 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/06/18 13:51:07 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/06/18 13:51:07 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/06/18 13:51:07 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/06/18 13:51:07 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/06/18 13:51:07 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/06/18 13:51:07 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/06/18 13:51:07 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/06/18 13:51:07 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/06/18 13:51:07 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/06/18 13:51:07 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/06/18 13:51:07 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/06/18 13:51:07 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/06/18 13:51:07 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/06/18 13:51:07 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/06/18 13:51:07 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/06/18 13:51:07 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/18 13:51:07 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/18 13:51:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/18 13:51:07 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/18 13:21:10 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/06/18 13:21:10 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/06/18 13:21:10 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/06/18 13:21:10 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/06/18 13:21:09 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/06/18 13:21:09 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/06/18 13:21:09 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/06/18 13:21:09 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/06/18 13:21:09 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/06/18 13:21:09 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/06/18 13:21:09 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/06/18 13:21:09 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/06/18 13:21:09 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/06/18 13:21:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/06/18 13:21:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/06/18 13:21:09 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/06/18 13:21:09 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/06/18 13:21:05 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/06/18 13:21:05 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/06/18 13:21:01 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/06/18 13:21:01 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/06/18 13:20:55 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/06/18 13:20:54 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/06/18 13:20:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/06/18 13:20:50 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/06/18 13:20:50 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/06/18 13:20:49 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/06/18 13:20:49 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/06/18 13:20:47 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/18 13:20:47 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/18 13:20:44 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/06/18 13:20:44 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/06/18 13:20:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/06/18 13:20:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/06/18 13:20:24 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/06/18 13:20:24 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/06/18 13:20:24 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/06/18 13:20:24 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/06/18 13:20:23 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/06/18 13:20:23 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/06/18 13:20:23 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/06/18 13:20:23 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/06/18 13:20:21 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/06/18 13:20:21 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/06/18 13:20:21 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/06/18 13:20:21 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/06/18 13:20:21 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/06/18 13:20:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/06/18 13:20:21 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/06/18 13:20:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/06/18 13:20:21 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/06/18 13:20:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/06/18 13:20:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/06/18 13:20:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/06/18 13:20:20 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/06/18 13:20:20 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/06/18 13:20:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/06/18 13:20:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/06/18 13:20:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/06/18 13:20:20 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/06/18 13:20:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/06/18 13:20:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/06/18 13:20:09 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/06/18 13:20:06 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/06/18 13:20:06 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/06/18 13:20:06 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/06/18 13:20:06 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/06/18 13:20:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/06/18 13:20:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014/06/18 13:20:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/06/18 13:20:01 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014/06/18 13:20:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014/06/18 13:20:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014/06/18 13:20:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014/06/18 13:19:58 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/06/18 13:19:58 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/06/18 13:19:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/06/18 13:19:58 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/06/18 13:19:50 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/06/18 13:19:49 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/06/18 13:19:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/06/18 13:19:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/06/18 13:19:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/18 13:19:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/06/18 13:19:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/06/18 13:19:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/06/18 13:19:39 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/06/18 13:19:34 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/06/18 13:19:34 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/06/18 13:19:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/06/18 13:19:30 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014/06/18 13:19:28 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/06/18 13:19:28 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/06/18 13:19:28 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/06/18 13:19:28 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/06/18 13:19:28 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/06/18 13:19:03 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/06/18 13:17:10 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/06/18 13:17:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/06/18 13:17:08 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/06/18 13:17:08 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/06/18 13:17:08 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/06/18 13:17:08 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/06/18 13:17:08 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/06/18 13:17:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/06/18 13:17:08 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/06/18 13:17:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/06/18 13:17:08 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/06/18 13:17:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/06/18 13:17:07 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/06/18 13:17:07 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/06/18 13:17:07 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/06/18 13:16:40 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/06/18 13:16:40 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/18 13:16:35 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/06/18 13:16:34 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/06/18 13:16:34 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/06/18 13:16:31 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/06/18 13:16:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/06/18 13:16:31 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/06/18 13:16:31 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/06/18 13:16:31 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/06/18 13:16:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/06/18 13:16:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/06/18 13:16:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/06/18 13:16:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/06/18 13:16:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/06/18 13:16:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/06/18 13:16:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/06/18 13:16:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/06/18 13:16:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/06/18 13:16:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/06/18 13:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/06/18 13:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/06/18 13:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/06/18 13:16:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/06/18 13:16:29 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/06/18 13:16:27 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/06/18 13:16:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/06/18 13:16:27 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/06/18 13:16:27 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/06/18 13:16:27 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/06/18 13:16:27 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/06/18 13:16:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014/06/18 13:16:26 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/18 13:16:25 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/06/18 13:16:25 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/06/18 13:16:21 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/06/18 13:16:21 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/06/18 13:16:20 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/06/18 13:16:19 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/06/18 13:16:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/06/18 13:16:19 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/06/18 13:16:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/06/18 13:11:49 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/06/18 13:11:49 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/06/18 13:11:49 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/06/18 13:11:49 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/06/03 00:54:58 | 001,715,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/06/03 00:54:58 | 001,291,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/06/03 00:54:41 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/06/03 00:54:41 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/06/03 00:52:49 | 000,601,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014/06/03 00:48:48 | 031,387,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/06/03 00:48:48 | 024,025,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/06/03 00:48:48 | 016,003,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/06/03 00:48:48 | 011,599,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/06/03 00:48:48 | 009,697,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/06/03 00:48:48 | 000,895,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/06/03 00:48:48 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/06/03 00:48:48 | 000,867,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/06/03 00:48:48 | 000,861,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/06/03 00:48:48 | 000,837,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/06/03 00:48:48 | 000,492,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014/06/03 00:48:48 | 000,416,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014/06/03 00:48:48 | 000,382,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014/06/03 00:48:48 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/06/03 00:48:48 | 000,335,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/06/03 00:48:48 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/06/03 00:48:48 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/06/03 00:48:48 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/06/03 00:48:47 | 017,480,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/06/03 00:48:47 | 011,644,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/06/03 00:48:47 | 009,735,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/06/03 00:48:47 | 003,141,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/06/03 00:48:47 | 002,953,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/06/03 00:48:47 | 002,785,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014/06/03 00:48:47 | 002,412,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014/06/03 00:48:47 | 001,889,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014/06/03 00:48:47 | 001,541,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014/06/03 00:48:45 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/06/03 00:48:45 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/24 19:43:16 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/06/24 19:40:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PC1\Desktop\OTL.exe
[2014/06/24 19:23:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/24 19:23:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/24 19:21:35 | 001,592,382 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/24 19:21:35 | 000,663,662 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/06/24 19:21:35 | 000,657,158 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/24 19:21:35 | 000,142,252 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/06/24 19:21:35 | 000,122,970 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/24 19:17:18 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/24 19:15:40 | 000,001,926 | ---- | M] () -- C:\Windows\tasks\Object Browser-chromeinstaller.job
[2014/06/24 19:15:40 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/24 19:15:28 | 000,002,418 | ---- | M] () -- C:\Windows\tasks\HDvid-Codec V9.0-firefoxinstaller.job
[2014/06/24 19:15:28 | 000,001,310 | ---- | M] () -- C:\Windows\tasks\Object Browser-updater.job
[2014/06/24 19:15:28 | 000,001,212 | ---- | M] () -- C:\Windows\tasks\Object Browser-codedownloader.job
[2014/06/24 19:15:28 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\Object Browser-enabler.job
[2014/06/24 19:15:27 | 000,003,108 | ---- | M] () -- C:\Windows\tasks\HDvid-Codec V9.0-chromeinstaller.job
[2014/06/24 19:15:26 | 000,000,196 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2014/06/24 19:15:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/24 19:15:16 | 2095,312,895 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/24 01:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/18 14:16:52 | 000,441,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/18 14:01:07 | 001,558,870 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/18 13:52:38 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/18 13:52:38 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/06/18 13:52:36 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/06/18 13:52:36 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/06/18 13:52:36 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/06/18 13:52:36 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/06/18 13:52:36 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/06/18 13:52:35 | 005,782,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/06/18 13:52:35 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/06/18 13:52:35 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/06/18 13:52:35 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/06/18 13:52:35 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/06/18 13:52:35 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/06/18 13:52:35 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/06/18 13:52:35 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/06/18 13:52:35 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/06/18 13:52:35 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/06/18 13:52:35 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/06/18 13:52:35 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/06/18 13:52:35 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/06/18 13:52:35 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/06/18 13:52:35 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/06/18 13:52:35 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/06/18 13:52:35 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/06/18 13:52:35 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/06/18 13:52:35 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/06/18 13:52:35 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/06/18 13:52:35 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/06/18 13:52:35 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/06/18 13:52:35 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/06/18 13:52:35 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/06/18 13:52:35 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/06/18 13:52:35 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/06/18 13:52:35 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/06/18 13:52:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/06/18 13:52:35 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/06/18 13:52:35 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/06/18 13:52:35 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/06/18 13:52:35 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/06/18 13:52:35 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/06/18 13:52:35 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/06/18 13:52:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/06/18 13:52:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/06/18 13:52:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/06/18 13:52:35 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/06/18 13:52:35 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/18 13:52:35 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/06/18 13:52:35 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/06/18 13:52:35 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/06/18 13:52:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/06/18 13:52:34 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/06/18 13:52:34 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/06/18 13:52:34 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/06/18 13:52:34 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/06/18 13:52:34 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/06/18 13:52:34 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/06/18 13:52:34 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/06/18 13:52:34 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/06/18 13:52:34 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/06/18 13:52:34 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/06/18 13:52:34 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/06/18 13:52:34 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/06/18 13:52:34 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/06/18 13:52:34 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/06/18 13:52:34 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/06/18 13:52:34 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/06/18 13:52:34 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/06/18 13:52:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/06/18 13:52:34 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/06/18 13:52:34 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/06/18 13:52:34 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/06/18 13:52:34 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/06/18 13:52:34 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/06/18 13:52:34 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/06/18 13:52:34 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/06/18 13:52:34 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/06/18 13:52:34 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/18 13:52:34 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/06/18 13:52:34 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/06/18 13:52:34 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/06/18 13:52:34 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/06/18 13:52:34 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/06/18 13:51:07 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/06/18 13:51:07 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/06/18 13:51:07 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/06/18 13:51:07 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/06/18 13:51:07 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/06/18 13:51:07 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/06/18 13:51:07 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/06/18 13:51:07 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/06/18 13:51:07 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/06/18 13:51:07 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/06/18 13:51:07 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/06/18 13:51:07 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/06/18 13:51:07 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/06/18 13:51:07 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/06/18 13:51:07 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/06/18 13:51:07 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/06/18 13:51:07 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/06/18 13:51:07 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/06/18 13:51:07 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/06/18 13:51:07 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/06/18 13:51:07 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/06/18 13:51:07 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/18 13:51:07 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/18 13:51:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/06/18 13:51:07 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/18 13:51:07 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/06/13 10:14:07 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/08 11:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/06/08 11:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/06/08 00:11:09 | 000,000,639 | ---- | M] () -- C:\Users\PC1\Desktop\ESEA Client.lnk
[2014/06/03 11:54:32 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014/06/03 11:54:31 | 000,112,080 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014/05/30 01:07:51 | 001,291,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/05/30 01:07:51 | 001,122,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/05/30 01:07:38 | 001,715,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/05/30 01:07:38 | 001,279,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/18 13:52:35 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/06/18 13:52:34 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/06/08 00:11:09 | 000,000,639 | ---- | C] () -- C:\Users\PC1\Desktop\ESEA Client.lnk
[2014/02/13 19:43:58 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/12/05 11:23:09 | 000,234,010 | ---- | C] () -- C:\Windows\SysWow64\poclbm130302GeForce GTX 660 Tigv1w256l4.bin
[2013/12/05 11:23:01 | 000,000,000 | ---- | C] () -- C:\Users\PC1\regbcm
[2013/09/16 20:37:38 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013/03/05 13:00:15 | 000,000,044 | ---- | C] () -- C:\Users\PC1\jagex_cl_loginapplet_LIVE.dat
[2013/03/05 12:59:21 | 000,000,042 | ---- | C] () -- C:\Users\PC1\jagex_cl_runescape_LIVE.dat
[2013/03/05 12:56:30 | 000,000,042 | ---- | C] () -- C:\Users\PC1\jagex_cl_oldschool_LIVE.dat
[2013/03/05 12:56:30 | 000,000,024 | ---- | C] () -- C:\Users\PC1\random.dat
[2013/02/03 14:44:35 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013/02/03 14:44:35 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013/02/03 14:44:35 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013/02/03 14:44:35 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013/02/03 14:44:35 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013/02/03 14:44:35 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013/02/03 14:44:35 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013/02/03 14:44:35 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013/02/03 14:44:35 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013/02/03 14:44:35 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2013/02/03 14:44:35 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013/02/03 14:44:35 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013/02/03 14:44:35 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013/02/03 14:44:35 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013/02/03 14:44:35 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013/02/03 14:44:35 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2013/02/03 14:44:35 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2013/02/03 14:44:35 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013/02/03 14:44:35 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2013/02/03 14:41:32 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX7400DEFGIPS.ini
[2013/01/11 22:21:12 | 001,558,870 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/10 00:08:40 | 000,050,219 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013/01/09 23:58:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/01/09 23:58:40 | 000,038,613 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/01/04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013/01/03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/01/31 17:54:41 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\.minecraft
[2013/08/27 01:40:43 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\.technic
[2013/03/26 17:19:21 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Adobe
[2013/01/11 08:52:36 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Avira
[2014/03/04 14:58:21 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\DAEMON Tools Lite
[2013/01/08 22:54:58 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Identities
[2013/02/03 14:44:34 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\InstallShield
[2013/05/09 17:12:55 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Leadertech
[2013/08/27 01:43:03 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\LolClient
[2014/02/22 11:52:08 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Macromedia
[2009/07/14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Media Center Programs
[2013/09/16 20:38:36 | 000,000,000 | --SD | M] -- C:\Users\PC1\AppData\Roaming\Microsoft
[2013/03/28 18:11:45 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\NVIDIA
[2014/05/28 23:34:32 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Origin
[2014/04/26 11:25:39 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\raidcall
[2014/05/09 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Skype
[2013/12/29 20:34:52 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\The Creative Assembly
[2013/01/10 11:07:32 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\Theta
[2014/06/22 23:20:19 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\TS3Client
[2014/06/23 13:50:00 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\uTorrent
[2014/05/30 23:26:31 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\vlc
[2013/12/08 23:36:39 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\wargaming.net
[2013/01/10 11:20:26 | 000,000,000 | ---D | M] -- C:\Users\PC1\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013/01/10 00:12:35 | 000,459,934 | R--- | M] () -- C:\Users\PC1\AppData\Roaming\Microsoft\Installer\{49BE9B8A-E858-4533-A74A-64306C13DB59}\_853F67D554F05449430E7E.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014/06/24 01:04:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/06/24 19:15:26 | 000,000,196 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2014/06/24 19:15:40 | 000,000,942 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/24 19:17:18 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014/06/24 19:15:27 | 000,003,108 | ---- | M] () -- C:\Windows\Tasks\HDvid-Codec V9.0-chromeinstaller.job
[2014/06/24 19:15:28 | 000,002,418 | ---- | M] () -- C:\Windows\Tasks\HDvid-Codec V9.0-firefoxinstaller.job
[2014/06/24 19:15:40 | 000,001,926 | ---- | M] () -- C:\Windows\Tasks\Object Browser-chromeinstaller.job
[2014/06/24 19:15:28 | 000,001,212 | ---- | M] () -- C:\Windows\Tasks\Object Browser-codedownloader.job
[2014/06/24 19:15:28 | 000,001,112 | ---- | M] () -- C:\Windows\Tasks\Object Browser-enabler.job
[2014/06/24 19:15:28 | 000,001,310 | ---- | M] () -- C:\Windows\Tasks\Object Browser-updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/06/24 19:17:54 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "D:\STEAM\steam.exe" -silent -- [2014/05/29 19:36:48 | 001,754,816 | ---- | M] (Valve Corporation)
"DAEMON Tools Lite" = "D:\PROGRAMY\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/01/08 10:41:08 | 003,674,320 | ---- | M] (DT Soft Ltd)
"EPSON Stylus DX7400 Series" = C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU "C:\Windows\TEMP\E_S186F.tmp" /EF "HKCU"
"OscarEditor" = "C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe" Minimum -- [2008/07/30 14:52:37 | 002,865,152 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014/06/18 13:52:36 | 000,812,248 | ---- | M] (Microsoft Corporation) MD5=60F88F6CA6303E8273AF7AAA9AAFECAC -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014/06/05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) MD5=A5FCD42334CCC682DA1882A54338686C -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/06/24 19:43:16 | 000,000,512 | ---- | M] () MD5=9591513466BA61E101FD2FC4D7CB9C5F -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014/06/18 18:45:41 | 000,020,328 | ---- | M] () -- \Users\PC1\AppData\Roaming\uTorrent\Risen 3 Titan Lords [PC Game 2014 Complete Version Full Cracked]-SKIDROW.torrent

< *keygen* /s >

< *loader* /s >
[2014/02/02 15:59:00 | 000,001,212 | ---- | M] () -- \_OTM\MovedFiles\02022014_201806\C_Windows\tasks\Object Browser-codedownloader.job
[2009/01/16 01:26:10 | 000,009,068 | ---- | M] () -- \lazarus\debugger\fpdebug\dbgloader.pp
[2005/05/18 21:24:09 | 000,003,206 | ---- | M] () -- \lazarus\fpc\2.6.2\source\packages\gtk2\src\gtk+\gdk-pixbuf\gdk-pixbuf-loader.inc
[2010/10/06 21:33:57 | 000,016,877 | ---- | M] () -- \lazarus\fpc\2.6.2\source\packages\winunits-jedi\src\ModuleLoader.pas
[2013/08/27 23:15:54 | 001,177,888 | ---- | M] () -- \NVIDIA\DisplayDriver\327.23\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013/12/10 04:15:46 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\332.21\Win8_WinVista_Win7_64\English\GFExperience\ExtensionLoader.dll
[2014/02/05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\334.89\Win8_WinVista_Win7_64\English\GFExperience\ExtensionLoader.dll
[2014/02/05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\335.23\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014/01/21 04:54:02 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce334.89Driver\ExtensionLoader.dll
[2014/02/05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience\ExtensionLoader.dll
[2014/02/05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce337.88Driver\ExtensionLoader.dll
[2014/04/30 20:27:31 | 001,168,216 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce337.88Driver\GFExperience\ExtensionLoader.dll
[2013/11/08 22:45:57 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\ExtensionLoader.dll
[2014/01/21 04:55:21 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331Game-Ready-Driver\ExtensionLoader.dll
[2013/11/14 13:56:55 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\GFExperience\ExtensionLoader.dll
[2013/12/10 04:15:46 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331Game-Ready-Driver\GFExperience\ExtensionLoader.dll
[2014/01/23 13:18:12 | 000,000,195 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2012/10/01 20:34:40 | 000,268,384 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012/10/01 20:34:40 | 000,019,048 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2006/12/15 15:31:20 | 000,114,688 | ---- | M] () -- \Program Files (x86)\epson\Creativity Suite\Easy Photo Print\APFLoaderV13.dll
[2004/04/21 18:09:00 | 000,069,632 | ---- | M] () -- \Program Files (x86)\epson\Creativity Suite\Easy Photo Print\EpAPFLoader.dll
[2006/02/28 20:02:04 | 000,102,400 | ---- | M] () -- \Program Files (x86)\epson\Creativity Suite\Easy Photo Print\EpAPFLoader2006.dll
[2014/05/30 01:10:11 | 001,170,208 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013/07/25 03:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013/12/20 02:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013/07/25 03:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013/07/25 03:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013/10/25 14:59:15 | 000,515,952 | ---- | M] () -- \Program Files (x86)\Object Browser\Object Browser-codedownloader.exe
[2012/10/01 20:34:40 | 000,364,128 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012/10/01 20:34:40 | 000,019,048 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014/02/05 11:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{06A52099-CC78-402D-AE95-896D7DA0E5A9}\ExtensionLoader.dll
[2013/08/27 23:15:54 | 001,177,888 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{E9B3DE3F-A3E1-4C8E-B4C2-FE76FCD1CE78}\ExtensionLoader.dll
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/12/20 00:16:28 | 000,142,893 | ---- | M] () -- \Qoobox\Quarantine\C\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.26.132_0\extensionData\plugins\91_monetizationLoader.js.js.vir
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014/06/24 19:15:34 | 000,141,597 | ---- | M] () -- \Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan\1.25.78_0\extensionData\plugins\91_monetizationLoader.js.js
[7 \Users\PC1\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp files -> \Users\PC1\AppData\Local\Microsoft\Windows\WER\ReportArchive\*.tmp -> ]
[2013/08/03 17:58:48 | 000,991,995 | ---- | M] () -- \Users\PC1\AppData\Roaming\.technic\.minecraft\ForgeModLoader-client-0.log
[2013/08/03 16:14:27 | 000,708,716 | ---- | M] () -- \Users\PC1\AppData\Roaming\.technic\.minecraft\ForgeModLoader-client-1.log
[2013/08/03 16:08:44 | 000,689,826 | ---- | M] () -- \Users\PC1\AppData\Roaming\.technic\.minecraft\ForgeModLoader-client-2.log
[2013/08/03 17:58:48 | 000,991,995 | ---- | M] () -- \Users\PC1\AppData\Roaming\LolClient\.minecraft\ForgeModLoader-client-0.log
[2013/08/03 16:14:27 | 000,708,716 | ---- | M] () -- \Users\PC1\AppData\Roaming\LolClient\.minecraft\ForgeModLoader-client-1.log
[2013/08/03 16:08:44 | 000,689,826 | ---- | M] () -- \Users\PC1\AppData\Roaming\LolClient\.minecraft\ForgeModLoader-client-2.log
[2013/08/03 17:58:48 | 000,991,995 | ---- | M] () -- \Users\PC1\AppData\Roaming\Macromedia\.minecraft\ForgeModLoader-client-0.log
[2013/08/03 16:14:27 | 000,708,716 | ---- | M] () -- \Users\PC1\AppData\Roaming\Macromedia\.minecraft\ForgeModLoader-client-1.log
[2013/08/03 16:08:44 | 000,689,826 | ---- | M] () -- \Users\PC1\AppData\Roaming\Macromedia\.minecraft\ForgeModLoader-client-2.log
[2014/02/22 11:55:29 | 000,000,594 | ---- | M] () -- \Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GameLoader.lnk
[2014/06/18 18:53:54 | 000,019,968 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\ed30b928f98b1c908a117f52d881e1fc\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/06/18 18:53:54 | 000,000,796 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\ed30b928f98b1c908a117f52d881e1fc\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2013/09/16 21:30:36 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2014/06/23 20:59:00 | 000,018,096 | ---- | M] () -- \Windows\Prefetch\OBJECT BROWSER-CODEDOWNLOADER-BDEEF49A.pf
[2013/08/02 04:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2014/06/24 19:15:28 | 000,001,212 | ---- | M] () -- \Windows\Tasks\Object Browser-codedownloader.job
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009/07/14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009/07/14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009/07/14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2014/03/25 12:42:13 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014/03/25 12:42:13 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2014/03/25 12:42:13 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2014/03/25 12:42:13 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2014/03/25 12:42:13 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

========== Files - Unicode (All) ==========
[2013/11/08 19:41:46 | 103,316,092 | ---- | M] ()(C:\Windows\SysWow64\???¬) -- C:\Windows\SysWow64\ꐰꪯ¬
[2013/11/08 19:41:46 | 103,316,092 | ---- | M] ()(C:\Windows\System32\???¬) -- C:\Windows\System32\ꐰꪯ¬
[2013/11/08 19:41:46 | 103,316,092 | ---- | C] ()(C:\Windows\SysWow64\???¬) -- C:\Windows\SysWow64\ꐰꪯ¬

< End of report >

OTL Extras logfile created on: 24. 6. 2014 19:41:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC1\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

7,94 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 74,50% Memory free
15,87 Gb Paging File | 13,20 Gb Available in Paging File | 83,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,13 Gb Total Space | 354,55 Gb Free Space | 80,01% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 452,99 Gb Free Space | 92,77% Space Free | Partition Type: NTFS

Computer Name: BAŠNO | User Name: PC1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06543B74-BEED-488D-B447-5E09C654E531}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{07437086-6F21-4CE2-9332-7C5AFA4F2EB0}" = lport=445 | protocol=6 | dir=in | app=system |
"{088ED530-94B7-4207-8429-4C5AA8EDEC87}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{112698BF-C110-411D-B21A-EEDB24C5B44A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{19444325-F2E8-49A9-A4F0-CD95C8AEF6EC}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1B5D74D8-555A-4B89-9C1C-4DDEE5C3948B}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2385C139-2291-41CA-8F96-15DECAEB0406}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{258C5192-D5AD-475A-908A-E12BF5942DD0}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{265837CF-5E54-40C5-B41B-E3CE19E498B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{29003BCF-C9C2-4561-9941-F910A51A8200}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{35ED82E7-8B9F-47B4-B222-CFFE8D6B1821}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A53BE66-056D-4A18-B808-617D54401A3D}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{44C9DF3F-3DCA-42BC-9B5D-B6CF3F6ADAC2}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{48F0D287-2F9D-4CFF-8033-3BE4CFD031C3}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{49A905B2-D7FE-424D-A052-4730583447A9}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{4BC38B3F-D718-4DCF-9302-356D27AC7937}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{50A6CD68-B348-4564-808C-C4DC6773A35D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{542CE98B-6876-4D81-9DC3-7DCB0030DB96}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{543A2620-031B-4658-815C-0F134BA6B7F5}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B6B6984-FA3E-4AE2-AB8B-69FE2F8DF51C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6514643E-E48F-4048-A2DD-18B6C6178546}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{67528E26-A84C-4CED-B604-54C0D71D2E5A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{67FDF0F5-BAA8-4BF9-A0EF-E8A451FCA9DC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6A41A09E-F7B5-42A2-9FCE-C115DE1279CD}" = lport=139 | protocol=6 | dir=in | app=system |
"{6B217736-6DDD-4836-9DB2-E032D105C4EB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6FD45340-6354-4631-BDC5-010B42536E1C}" = lport=137 | protocol=17 | dir=in | app=system |
"{70281B0B-D5E5-4C6C-986A-4C9D01126249}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{741438D3-54E5-472C-8266-040410EABAE9}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{78652AFC-2684-4BBB-80D6-C2B146079DF4}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7A0A5EFE-CC11-4C29-A220-DBDDA31A5CCE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80D5C99D-22E2-4124-8D76-36A24A8CE4D7}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8307F51C-DA91-4516-8E99-EAF1780000A0}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{86A9FAFB-4BA6-415B-993C-618B5D57F973}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{882FBD37-EA0F-4156-A015-011FD1CF6EA5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8A220754-2B1E-4CD5-9ABA-383E436CCBCB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8D04A66D-8ADE-4DFB-986D-063FE3334FCF}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{92FB56BE-BC87-459F-AE73-D4791CF77569}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{93F18D91-F01A-431E-9073-8ACF6C4786DA}" = rport=139 | protocol=6 | dir=out | app=system |
"{9673AD14-E2EE-4390-8FF1-67D60011ADE6}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{981A4FFF-CDFB-4315-B91E-7D18301788FA}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{98226864-DE05-4830-B4E3-93DA8EE6931F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{9B39B38C-9036-4A25-AAE6-4EF444CEF90A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A0D475A6-5018-4A70-AF77-D925DF393F20}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A0EFF76C-282D-4955-9850-9634B6DD922B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A64E4865-7A71-45A4-958A-9AEBF3ED9A9B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{AC34F2A8-883D-49B1-8EEE-98D516518A40}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{ACA8CDFE-C27A-4701-B443-436CE5D922F6}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B3140083-F5DF-4C5C-8C74-370822162A18}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B52CC103-9563-4C63-B6F0-9EDFFBF34F3B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B77459F6-821A-4840-9008-DC64E215F88B}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BDACBA23-E8DE-4776-BE97-87E151D72CF7}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BEF9B382-17DF-49F8-A5D4-4EF9369DB7C5}" = rport=137 | protocol=17 | dir=out | app=system |
"{C209E658-CD0A-4B23-8B0B-A7E0030ECF10}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C3583171-0092-4F81-AA8D-D748D9F3205F}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C3623FE2-BA3C-4F56-8DB4-5E6FD62EC79C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C4B3EC02-8D2D-4A14-90F0-2A35B9AEA725}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C5910118-4941-4A1D-B301-45967DD4F9CF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C71A599C-7324-4F6D-8FEB-E5FADB8DA4C0}" = lport=138 | protocol=17 | dir=in | app=system |
"{C848170A-406D-4CE2-92F2-C3EEB6BA13DE}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D1126D66-C4EE-41E2-A8F5-B4FCD76C6A25}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D668D142-5C06-4329-8B7F-330A67257DF6}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E05E2852-B858-4A81-BEAC-89394B6F9534}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E29E7C23-064B-4CFD-B55D-930EB338A376}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E2AADA1B-1967-4B2D-B871-92090B367779}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E4288125-46CA-43D1-B6CA-EE40BE9FCE53}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E81C6C27-FD1D-4178-9C76-DF99B4DF28FF}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F02E3CE4-24F0-41D9-BB01-930077B8C65D}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F9B84AF8-4AF5-4BF5-9823-3EBEACBA83EB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FB63B01C-64D3-4567-BE4A-454B5F7309C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDFB2C86-4465-4C05-9A9A-83BBE479CAF6}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FE71BF43-0722-437E-AED4-62067A5893BB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FFF44F10-714F-4C52-B0A1-49194DDA28B0}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A666D8E-0941-4774-98F0-731B2027E8F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{258A31B6-799D-4C69-94E1-CA1D7BD6A4D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2998C799-10A9-4F02-B17A-30394DE8CA80}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{37151604-D7AA-4196-A32A-38AC6C5EBA42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{384E198B-7A64-4AB8-8A95-51D7A2D8E1C5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{46545AFF-07D1-464A-98F2-A2A173370846}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{524AAFF5-E941-4C90-93A8-7ED2DB590BAB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{571480EC-872F-405A-85D4-65723A4399EF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5ABC2E9E-A3BC-4B5D-B39B-30E3E504CFDE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\day of defeat source\hl2.exe |
"{5E83C1A0-44E2-404A-A372-A56B9FE58FDE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{62357A85-823D-46F9-9EC5-350ED42E8603}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{62DBFFA5-FED5-4D29-9974-9746E4E61E99}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{78344188-EECA-4C07-A2F3-B095ACF09C86}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{786259A4-C88D-4E93-9366-AEBDB4AAE95B}" = protocol=17 | dir=in | app=d:\programy\esea\utorrent.exe |
"{78DE097A-58F0-437F-89D6-0B11622AD971}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{7D2888E3-C2CF-4A01-AA1C-132D20CA8F2B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7EA47F9E-E11E-4A72-B6DD-E3D2E42EDA98}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{83838FCA-336B-4243-A57B-33087119D272}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83BF7CBE-C6B2-4921-85AA-1A03B675368B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{85A2A837-AC24-4274-8FEC-A18E9272E0AE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{8C814F21-5ECB-47E7-A63D-81B50590E3DE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{8FF65CEF-B9B3-44F9-A66B-783696441DBC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{9DA7F6EE-E414-41C9-8396-C5D8C4D33DC0}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{A1686620-3527-43F0-9A99-206AE7F19DE2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A277913A-E27C-4C8C-B3F1-CA33743BBB2D}" = protocol=6 | dir=in | app=d:\programy\esea\utorrent.exe |
"{A28ADB8C-2351-4698-8744-4DC0F0AEE30A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFB91E33-568B-4CD8-BCA2-EE3B1AAD330B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{B14D5DCC-0D62-4637-9458-44A89383D289}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1CA52CC-E4CF-4368-8C1E-4407D7D17EC4}" = protocol=6 | dir=out | app=system |
"{B310C917-2906-40CC-997E-E0D878902BB9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{BAF089FF-8D4B-4DA3-9C89-C4FEACDF1FD7}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{C7CCB21E-C2ED-4263-AD94-CD55BF46176B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{CB82134F-B8C0-4B9D-BE90-404B383F6692}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D853F9E5-84A4-40F5-BE84-B5A675B775A8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{DB8647AD-95C3-4F95-8D62-56C215106FFE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DCB82653-009E-45FD-A3B4-A381416B9D11}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E25C290E-7045-46AC-AE2E-E057A74F75B9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E589F909-4CC7-4B41-AE93-072F698CC4F7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E5DC14FD-C7AD-464E-99C9-53C119FB1C16}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F0D6AB04-36CA-4EE0-94A5-755D6E0E7FE3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F1B609AC-5493-4BB8-BC12-79F590611F4A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F251381A-4DE0-41D7-A417-81828D3AE7D0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F29BBBB6-1A87-42D0-AFE5-46DA8F671128}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F4586B1D-CACB-4259-B64E-D8C05A8048EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FFBE2FE8-5E71-459E-B9C8-EB56C5A6CCA6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\day of defeat source\hl2.exe |
"{FFF2EEA6-565B-4956-80BE-BCBD2CB091B3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"TCP Query User{1E6DF7DA-56C3-4B32-8A11-16A42ACB182F}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{2ED060BD-4AFC-421A-9905-F481951A362E}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{5BDF0FC5-EFF9-48EC-B5B8-66FFD74B28AB}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{93775542-96B0-4B97-9C77-E499776620AA}D:\fifa 14\game\fifa14.exe" = protocol=6 | dir=in | app=d:\fifa 14\game\fifa14.exe |
"TCP Query User{DE781DC9-CFDA-4580-97CF-F49AA23A901B}D:\fifa 14\game\fifa14.exe" = protocol=6 | dir=in | app=d:\fifa 14\game\fifa14.exe |
"UDP Query User{54EFE4AD-5118-40C6-B4D1-E160AF20FA00}D:\fifa 14\game\fifa14.exe" = protocol=17 | dir=in | app=d:\fifa 14\game\fifa14.exe |
"UDP Query User{6CC9851E-55AF-497A-B30F-0BC00FEF8DFD}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{8AC15975-22F4-4B86-A973-A81B58234C81}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"UDP Query User{AF904184-8AA1-4CD0-9F4B-74A42B0245D2}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{F690BCDD-F7DC-4E66-81F5-80051783E8E9}D:\fifa 14\game\fifa14.exe" = protocol=17 | dir=in | app=d:\fifa 14\game\fifa14.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417007F0}" = Java 7 Update 7 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"EPSON Printer and Utilities" = EPSON Printer Software
"Lazarus_is1" = Lazarus 1.0.12
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{10631C28-62E5-477C-9B40-40C5EA8219BE}" = Black & White® 2 Battle of the Gods
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = OSCAR Editor
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 51
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{49BE9B8A-E858-4533-A74A-64306C13DB59}" = ASUS Product Register Program
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}" = NVIDIA PhysX (Legacy)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"EPSON Scanner" = EPSON Scan
"EPSON Stylus CX7300_CX8300_DX7400_DX8400 User’s Guide" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manual
"Google Chrome" = Google Chrome
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = OSCAR Editor
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Object Browser" = Object Browser
"RaidCall" = RaidCall
"Steam App 300" = Day of Defeat: Source
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.1.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2901934316-1854545542-611796736-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ESEA" = ESEA Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9. 1. 2014 14:19:16 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

Error - 9. 1. 2014 14:19:16 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

Error - 10. 1. 2014 6:09:32 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

Error - 10. 1. 2014 6:09:32 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

Error - 10. 1. 2014 6:18:58 | Computer Name = Bašno | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 11. 1. 2014 6:22:25 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

Error - 11. 1. 2014 6:22:25 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

Error - 11. 1. 2014 6:31:51 | Computer Name = Bašno | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 11. 1. 2014 14:30:58 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

Error - 11. 1. 2014 14:30:58 | Computer Name = Bašno | Source = NvStreamSvc | ID = 131073
Description =

[ System Events ]
Error - 18. 6. 2014 8:20:12 | Computer Name = Bašno | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80242016): Kumulativní aktualizace zabezpečení aplikace Internet
Explorer 9 pro systém Windows 7 pro systémy platformy x64 (KB2957689).

Error - 19. 6. 2014 14:33:23 | Computer Name = Bašno | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Skype C2C Service bylo dosaženo časového
limitu (30000 ms).

Error - 20. 6. 2014 7:50:04 | Computer Name = Bašno | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Skype C2C Service bylo dosaženo časového
limitu (30000 ms).

Error - 20. 6. 2014 17:10:49 | Computer Name = Bašno | Source = DCOM | ID = 10010
Description =

Error - 21. 6. 2014 13:19:01 | Computer Name = Bašno | Source = DCOM | ID = 10010
Description =

Error - 23. 6. 2014 7:41:02 | Computer Name = Bašno | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).

Error - 23. 6. 2014 7:41:02 | Computer Name = Bašno | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Netman bylo dosaženo časového
limitu (30000 ms).

Error - 23. 6. 2014 18:06:40 | Computer Name = Bašno | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 23. 6. 2014 18:06:40 | Computer Name = Bašno | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 24. 6. 2014 13:16:28 | Computer Name = Bašno | Source = DCOM | ID = 10010
Description =


< End of report >

Spusťte znovu OTL jako správce. Do spodniho okna vlozte nasledujici text:

:files
C:\Windows\AutoKMS.ini
C:\Windows\Tasks\AutoKMS.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

All processes killed
========== FILES ==========
C:\Windows\AutoKMS.ini moved successfully.
C:\Windows\Tasks\AutoKMS.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: PC1
->Temp folder emptied: 167406 bytes
->Temporary Internet Files folder emptied: 258 bytes
->Java cache emptied: 1923527 bytes
->Google Chrome cache emptied: 362097035 bytes
->Flash cache emptied: 511 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 136 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50635 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 347,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: PC1
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 06242014_214636

Files\Folders moved on Reboot...
File move failed. C:\Users\PC1\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a84b_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\PC1\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a84b_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\PC1\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\PC1\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Ještě jednou spusťte OTL tímto skriptem:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Resethosts]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: PC1
->Temp folder emptied: 686913 bytes
->Temporary Internet Files folder emptied: 6268 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 373470032 bytes
->Flash cache emptied: 602 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 688 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 357,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: PC1
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!

OTL by OldTimer - Version 3.2.69.0 log created on 06292014_131622

Files\Folders moved on Reboot...
File move failed. C:\Users\PC1\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a84b_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\PC1\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a84b_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\PC1\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\PC1\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Vše smazáno, PC by již měl být čistý. OTL smažte.