Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu - zásek PC

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Prosím o kontrolu - zásek PC

#1 Příspěvek od Morph »

Dobrý deň, prosím o kontrolu logu. Mám malý problém s občasným seknutím PC a chcem si byť istý, že nemám v PC nejaký škodlivý SW, ktorý mi tieto problémy robí, nech sa môžem zamerať na iné riešenie problému. Ďakujem.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek Khúla at 2014-07-27 19:03:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (32%) free of 114 GB
Total RAM: 8147 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:03:43, on 27. 7. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Users\Marek Khúla\AppData\Roaming\Spotify\spotify.exe
C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
D:\folder\Steam.exe
D:\Origin\Origin.exe
D:\Origin\OriginClientService.exe
D:\World of Warcraft - Wrath of the Lich King\Wow.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marek Khúla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 87.248.214.183 static3.cdn.Ubi.com
O1 - Hosts: 95.140.224.199 static2.cdn.Ubi.com
O1 - Hosts: 87.248.214.183 static1.cdn.Ubi.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [EPSON_UD_START] "C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe" -UDCONNECT
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [F.lux] "C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify] "C:\Users\Marek Khúla\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\folder\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EMP_UDSA - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11800 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\PrintIsolationHost.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Users\Marek Khúla\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
"C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
WLIDSvcM.exe 1520
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c5b30641-5fa8-4c19-b548-f58a159c334b -SystemEventPortName:HostProcess-b75caac0-32ce-4075-9914-c8c6f9aa5567 -IoCancelEventPortName:HostProcess-06b517be-affc-4ac6-a72d-0ef89345145b -NonStateChangingEventPortName:HostProcess-79c89319-3528-4a54-b08b-dae944fef989 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fc64807a-9dfc-401c-9961-b69c304ef81a -DeviceGroupId:WpdFsGroup
"C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="3236.1.484243970\20525137" /prefetch:673131151
"C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="3236.2.1333096108\620612951" /prefetch:673131151
"C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="3236.3.625672574\1232108167" /prefetch:673131151
"C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="3236.4.1300712449\367059960" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x1002 --gpu-device-id=0x6819 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.100.0.0 --lang=en-US --log-severity=disable /prefetch:822062411
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\folder\Steam.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"D:\Origin\Origin.exe"
"D:\Origin\OriginClientService.exe" D:\Origin\OriginClientService.exe -args:sC28BVRfy3pw3Tfz8ROWViV63j5JrLJ3
"D:\World of Warcraft - Wrath of the Lich King\Wow.exe"
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5728.0.121124462\1427312169" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x6819 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.100.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="5728.2.1594777915\1982521268" /prefetch:673131151
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="5728.5.1513641594\1943457090" /prefetch:673131151
taskeng.exe {0F4E5E1E-5823-46FF-9BAA-4805878F610F}
taskhost.exe $(Arg0)
"C:\Users\Marek Khúla\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f7ce779dc19.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a4b1e881dc4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000Core1cf6a4e8bc3a8a1.job - C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000UA1cf8d9b5dde311a.job - C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default

prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =501549&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default\searchplugins\
bingp.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre8\bin\ssv.dll [2014-07-20 554920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-16 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-07-20 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-16 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-12-12 7560296]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"Google Update"=C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-11 116648]
"AdobeBridge"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"F.lux"=C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Spotify"=C:\Users\Marek Khúla\AppData\Roaming\Spotify\Spotify.exe [2014-07-25 6162488]
"Spotify Web Helper"=C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-07-25 1178168]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"EPSON_UD_START"=C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [2009-04-15 329632]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-17 767200]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-16 4086432]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-27 19:03:38 ----D---- C:\rsit
2014-07-27 19:03:38 ----D---- C:\Program Files\trend micro
2014-07-27 11:48:03 ----A---- C:\Windows\system32\drivers\HWiNFO64A.SYS
2014-07-25 23:33:40 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Spotify
2014-07-20 15:07:30 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-07-20 15:07:26 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-20 15:07:26 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-07-20 15:07:26 ----A---- C:\Windows\SYSWOW64\java.exe
2014-07-20 15:07:19 ----D---- C:\Program Files (x86)\Java
2014-07-19 00:41:36 ----D---- C:\Dragon Age
2014-07-19 00:37:10 ----D---- C:\Dragon Age II
2014-07-18 21:57:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-07-16 21:23:02 ----D---- C:\Users\Marek Khúla\AppData\Roaming\AVAST Software
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-07-16 21:22:14 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-07-16 21:22:13 ----A---- C:\Windows\avastSS.scr
2014-07-14 23:52:47 ----D---- C:\Program Files (x86)\ABF software
2014-07-14 07:58:46 ----D---- C:\Program Files (x86)\GreenTree Applications
2014-07-10 23:27:44 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Apple Computer
2014-07-10 23:27:39 ----DC---- C:\Windows\system32\DRVSTORE
2014-07-10 23:27:27 ----D---- C:\ProgramData\Apple Computer
2014-07-10 23:27:27 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:27:05 ----D---- C:\ProgramData\Apple
2014-07-08 23:28:19 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-07-08 23:28:19 ----A---- C:\Windows\system32\mstscax.dll
2014-07-08 23:11:14 ----A---- C:\Windows\system32\aepdu.dll
2014-07-08 23:11:14 ----A---- C:\Windows\system32\aeinv.dll
2014-07-08 23:10:58 ----A---- C:\Windows\system32\win32k.sys
2014-07-08 23:10:57 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-08 23:10:57 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-08 23:10:57 ----A---- C:\Windows\system32\qedit.dll
2014-07-08 23:10:57 ----A---- C:\Windows\system32\osk.exe
2014-07-08 23:10:57 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\wdigest.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\schannel.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\kerberos.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\credssp.dll
2014-07-08 23:10:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-08 23:10:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-08 23:10:55 ----A---- C:\Windows\system32\iernonce.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-08 23:10:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 23:10:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-08 23:10:54 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\urlmon.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\iesetup.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-08 23:10:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-08 23:10:53 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\ieui.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\iertutil.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\wininet.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\vbscript.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\jscript9.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-08 23:10:51 ----A---- C:\Windows\system32\ieframe.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-08 23:10:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-08 23:10:50 ----A---- C:\Windows\system32\msrating.dll
2014-07-08 23:10:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-08 23:10:50 ----A---- C:\Windows\system32\mshtml.dll
2014-07-08 23:06:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-08 23:06:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 23:06:33 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-08 23:04:22 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-07-08 23:04:22 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-07-08 23:04:22 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-07-08 23:04:22 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\wksprtPS.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\wksprt.exe
2014-07-08 23:04:21 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-07-08 23:04:21 ----A---- C:\Windows\system32\tsgqec.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\mstsc.exe
2014-07-08 23:04:21 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-07-08 23:04:11 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-07-08 23:04:11 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-07-06 15:25:15 ----RHD---- C:\Users\Marek Khúla\AppData\Roaming\SecuROM
2014-07-06 15:24:01 ----D---- C:\Windows\SYSWOW64\URTTEMP
2014-07-06 15:23:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-07-06 15:23:24 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-07-05 23:30:18 ----D---- C:\Users\Marek Khúla\AppData\Roaming\PDM
2014-07-05 18:42:50 ----D---- C:\Users\Marek Khúla\AppData\Roaming\BANDISOFT
2014-06-29 19:02:48 ----D---- C:\Program Files\CPUID
2014-06-29 17:07:26 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Notepad++
2014-06-29 17:07:26 ----D---- C:\Program Files (x86)\Notepad++

======List of files/folders modified in the last 1 month======

2014-07-27 19:03:41 ----D---- C:\Windows\Temp
2014-07-27 19:03:38 ----RD---- C:\Program Files
2014-07-27 17:09:49 ----D---- C:\Windows\tracing
2014-07-27 16:58:24 ----D---- C:\ProgramData\Origin
2014-07-27 16:56:58 ----D---- C:\Program Files (x86)\Common Files
2014-07-27 16:40:45 ----D---- C:\Windows\system32\config
2014-07-27 16:32:48 ----D---- C:\Windows\System32
2014-07-27 16:32:48 ----D---- C:\Windows\inf
2014-07-27 16:32:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-27 16:28:56 ----A---- C:\Windows\SYSWOW64\log.txt
2014-07-27 12:26:18 ----D---- C:\Windows\system32\catroot2
2014-07-27 12:11:32 ----D---- C:\Users\Marek Khúla\AppData\Roaming\TS3Client
2014-07-27 12:06:26 ----SHD---- C:\Windows\Installer
2014-07-27 12:06:26 ----SHD---- C:\Config.Msi
2014-07-27 12:06:26 ----D---- C:\ProgramData\Sony
2014-07-27 12:06:22 ----SHD---- C:\System Volume Information
2014-07-27 11:55:51 ----D---- C:\ProgramData\Media Center Programs
2014-07-27 11:53:37 ----D---- C:\Windows\system32\DriverStore
2014-07-27 11:53:37 ----D---- C:\Windows\system32\drivers
2014-07-27 11:53:37 ----D---- C:\Windows\system32\catroot
2014-07-27 11:53:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-27 11:46:02 ----RD---- C:\Program Files (x86)
2014-07-27 02:32:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-27 02:30:05 ----D---- C:\Windows\SysWOW64
2014-07-27 02:28:42 ----D---- C:\Program Files\Common Files
2014-07-27 02:27:35 ----D---- C:\ProgramData\Ubisoft
2014-07-27 02:25:25 ----HD---- C:\ProgramData
2014-07-27 02:24:01 ----D---- C:\Windows\system32\Tasks
2014-07-27 02:23:45 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Ubisoft
2014-07-25 23:55:17 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Origin
2014-07-25 23:52:01 ----D---- C:\ProgramData\Electronic Arts
2014-07-25 18:35:59 ----D---- C:\Users\Marek Khúla\AppData\Roaming\uTorrent
2014-07-24 17:55:06 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 17:55:05 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-22 19:31:03 ----D---- C:\Windows\SYSWOW64\directx
2014-07-20 16:32:42 ----D---- C:\ProgramData\BioWare
2014-07-20 16:16:19 ----RSD---- C:\Windows\assembly
2014-07-20 15:10:45 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-20 15:10:44 ----A---- C:\Windows\system32\javaws.exe
2014-07-20 15:10:44 ----A---- C:\Windows\system32\javaw.exe
2014-07-20 15:10:44 ----A---- C:\Windows\system32\java.exe
2014-07-20 15:09:18 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Skype
2014-07-20 15:08:18 ----D---- C:\ProgramData\Skype
2014-07-19 01:17:33 ----D---- C:\Windows
2014-07-16 21:22:14 ----D---- C:\Windows\winsxs
2014-07-16 21:22:13 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-16 21:20:04 ----D---- C:\ProgramData\AVAST Software
2014-07-16 17:53:04 ----D---- C:\Windows\debug
2014-07-15 18:39:29 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-07-14 23:41:37 ----RSD---- C:\Windows\Fonts
2014-07-11 23:20:27 ----SHD---- C:\$Recycle.Bin
2014-07-10 00:42:57 ----D---- C:\Windows\rescache
2014-07-09 01:02:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-09 01:02:07 ----D---- C:\Windows\system32\cs-CZ
2014-07-08 23:47:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-08 23:14:39 ----SD---- C:\Windows\system32\CompatTel
2014-07-08 23:14:39 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-08 23:14:39 ----D---- C:\Windows\system32\Dism
2014-07-08 23:14:39 ----D---- C:\Windows\ehome
2014-07-08 23:14:39 ----D---- C:\Program Files\Windows Journal
2014-07-08 23:14:38 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-08 23:14:38 ----D---- C:\Windows\system32\en-US
2014-07-08 23:14:38 ----D---- C:\Program Files\Internet Explorer
2014-07-08 23:14:38 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-08 23:13:54 ----D---- C:\Windows\system32\MRT
2014-07-08 23:13:09 ----A---- C:\Windows\system32\MRT.exe
2014-07-08 23:12:53 ----D---- C:\ProgramData\Microsoft Help
2014-07-08 23:06:51 ----D---- C:\Windows\SYSWOW64\wbem
2014-07-08 23:06:51 ----D---- C:\Windows\system32\wbem
2014-07-08 23:06:51 ----D---- C:\Windows\system32\drivers\en-US
2014-07-06 15:24:39 ----D---- C:\Windows\registration
2014-07-06 15:24:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-16 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-08-21 19600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-16 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-16 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-26 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2014-07-27 31648]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-16 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-16 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-16 92008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-09-07 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-09-07 46400]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-03 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-04-18 15376384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-04-18 638976]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-17 26136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2014-01-23 37344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-04-18 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-16 50344]
R2 EMP_UDSA;EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [2009-04-15 98304]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-07 277784]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-06 66872]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\folder\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-07-19 25832]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - zásek PC

#2 Příspěvek od Márty84 »

Zdravim :)

:???: HOSTS soubor mate upraveny schvalne?
Morph píše:O1 - Hosts: 87.248.214.183 static3.cdn.Ubi.com
O1 - Hosts: 95.140.224.199 static2.cdn.Ubi.com
O1 - Hosts: 87.248.214.183 static1.cdn.Ubi.com

:arrow: Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#3 Příspěvek od Morph »

Dobrý deň, k tým HOSTS, ja osobne som ich neupravoval, jedine nejaký program. Alebo možno brat, pretože kedysi tento PC bol jeho, ale pochybujem že by sa v niečom takom vyznal.
Prikladám požadované logy. Ďakujem.

Crystal disk info:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/07/28 18:07:07

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series/C216 Chipset Family SATA AHCI Controller [ATA]
- OCZ-AGILITY3
- WDC WD10EZRX-00A8LB0
- HL-DT-ST DVDRAM GH24NS90

-- Disk List ---------------------------------------------------------------
(1) OCZ-AGILITY3 : 120,0 GB [0/0/0, pd1] - sf
(2) WDC WD10EZRX-00A8LB0 : 1000,2 GB [1/0/1, pd1]

----------------------------------------------------------------------------
(1) OCZ-AGILITY3
----------------------------------------------------------------------------
Model : OCZ-AGILITY3
Firmware : 2.22
Serial Number : OCZ-6LVE8F514FUDGOCL
Disk Size : 120,0 GB (8,4/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ACS-2 Revision 3
Transfer Mode : SATA/600
Power On Hours : 0 hod.
Power On Count : Neznámy údaj
Host Reads : 0 GB
Host Writes : 0 GB
Temparature : Neznámy údaj
Health Status : Špatný (0 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values (7) Attribute Name
01 __0 __0 _50 00000000000000 Raw Read Error Rate
05 __0 __0 __3 00000000000000 Retired Block Count
09 __0 __0 __0 00000000000000 Power-on Hours
0C __0 __0 __0 00000000000000 Power Cycle Count
AB __0 __0 __0 00000000000000 Program Fail Count
AC __0 __0 __0 00000000000000 Erase Fail Count
AE __0 __0 __0 00000000000000 Unexpected Power Loss Count
B1 __0 __0 __0 00000000000000 Wear Range Delta
B5 __0 __0 __0 00000000000000 Program Fail Count
B6 __0 __0 __0 00000000000000 Erase Fail Count
BB __0 __0 __0 00000000000000 Reported Uncorrectable Errors
C2 __0 __0 __0 00000000000000 Temperature
C3 __0 __0 __0 00000000000000 On-the-Fly ECC Uncorrectable Error Count
C4 __0 __0 __3 00000000000000 Reallocation Event Count
C9 __0 __0 __0 00000000000000 Uncorrectable Soft Read Error Rate
CC __0 __0 __0 00000000000000 Soft ECC Correction Rate
E6 __0 __0 __0 00000000000000 Life Curve Status
E7 __0 __0 _10 00000000000000 SSD Life Left
E9 __0 __0 __0 00000000000000 Specifický pro výrobce
EA __0 __0 __0 00000000000000 Specifický pro výrobce
F1 __0 __0 __0 00000000000000 Lifetime Writes from Host
F2 __0 __0 __0 00000000000000 Lifetime Reads from Host

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 4F43 5A2D 364C 5645 3846 3446 3446 5544 474F 434C
020: 0000 0000 0004 322E 3232 2020 2020 4F43 5A2D 4147
030: 494C 4954 5933 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 4200
070: 0000 0000 0000 0000 0000 C70E C70E 0006 0044 0044
080: 01FC 0110 746B 7469 6163 B449 B449 6163 407F 0001
090: 0000 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 4000 4000 0000 5E83 A97B
110: 4FDF 1324 0000 0000 0000 0000 0000 0000 0000 401A
120: 4018 0000 0000 0000 0000 0000 0000 0000 0009 4F24
130: 4E89 0300 0101 0002 000E 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 6500
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0021 0021 0000 0000 4000
210: 0000 0000 0100 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C6A5



----------------------------------------------------------------------------
(2) WDC WD10EZRX-00A8LB0
----------------------------------------------------------------------------
Model : WDC WD10EZRX-00A8LB0
Firmware : 01.01A01
Serial Number : WD-WMC1U5632866
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 9616 hod.
Power On Count : 970 krát
Temparature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 140 136 _21 000000000F8F Čas na roztočení ploten
04 _99 _99 __0 000000000439 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _87 _87 __0 000000002590 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 0000000003CA Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000088 Počet vypnutí disku
C1 157 157 __0 0000000201FF Počet cyklů načítání/vymazání
C2 110 _95 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 5535 5535 3633 3238 3636
020: 0000 0000 0000 3031 2E30 3031 3031 5744 4320 5744
030: 3130 455A 5258 2D30 3041 4230 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 970E 970E 0006 0044 0044
080: 01FE 0000 746B 7D61 4123 BC41 BC41 4123 407F 0044
090: 0044 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 6003 6003 0000 5001 4EE6
110: AD4B F47A 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 30B5 30B5 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 5EA5


AdwCleaner


# AdwCleaner v3.301 - Report created 28/07/2014 at 18:11:15
# Updated 28/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Marek Khúla - COMPUTER
# Running from : C:\Users\Marek Khúla\Desktop\adwcleaner_3.301.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Marek Khúla\AppData\Local\Conduit
Folder Deleted : C:\Users\Marek Khúla\AppData\Local\PackageAware
Folder Deleted : C:\Users\Marek Khúla\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Marek Khúla\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Marek Khúla\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Marek Khúla\AppData\Roaming\ParetoLogic
File Deleted : C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default\searchplugins\bingp.xml
File Deleted : C:\Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : PC Health Advisor

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : [x64] HKLM\SOFTWARE\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}&search= ... &o=0&l=dir
Deleted [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [3996 octets] - [28/07/2014 18:10:29]
AdwCleaner[S0].txt - [3753 octets] - [28/07/2014 18:11:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3813 octets] ##########

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - zásek PC

#4 Příspěvek od Márty84 »

:arrow: Udelejte kontrolu programem HD Tune
Stahnete http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte jako spravce (pokud vam pri instalaci nabidne nejaky doplnek, odmitnete ho!)
V tom okne kliknete na posledni zalozku - Error Scan (pokud bude zatrzeny quick scan, tak zatrzitko zruste) a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Health a opiste mi (vyfotte), co se tam pise. Melo by tam byt OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#5 Příspěvek od Morph »

Dobrý deň,

pri Error scan sa nevyskytlo žiadne červené políčko, prikladám požadované zložky health - 2 obrázky keďže mám 2 disky, jeden SSD druhý HDD (obe skontrolované Error Scanom a obe boli bez červeného políčka). Pri SSD sa mi v zložke Health nezobrazilo nič, viz. obrázok nižšie, pri HDD sa mi niečo vypísalo, viz. obrázok nižšie. Dúfam, že som spravil všetko správne. Prajem pekný deň a predom ďakujem.

Obrázek
Obrázek

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - zásek PC

#6 Příspěvek od Márty84 »

Ten disk (1) OCZ-AGILITY3 nedava zadne informace :?:


:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#7 Příspěvek od Morph »

Dobrý večer,

snažil som sa zistiť prečo mi nedáva program žiadne informácie k SSD a mám také tušenie, že to bude v oprávneniach, keďže HDD (2) mám plne prístupný (čítanie, zápis, atď) pre každého a pre SSD (1) mám iba pre systém. Ale niesom si s tým istý a niesom žiadny profík, tak som žiadne zmeny radšej neskúšal. K tej kontrole: program mi našiel niekoľko hrozieb, radšej som nekonal dokým mi neporadíte čo ďalej robiť, prikladám log. Predom ďakujem za odpoveď.


Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 30. 7. 2014
Čas skenování: 19:54:43
Protokol: log.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.07.30.06
Databáze rootkitů: v2014.07.17.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Marek KhAola

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 592019
Uplynulý čas: 1 hod, 29 min, 2 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 3
PUP.Optional.OpenCandy, C:\Users\Marek KhAola\AppData\Local\Temp\nsg3F2C.tmp\PhotoScape_V3.6.3.exe, , [f1bd03a20f6c69cdb92d568850b41de3],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, , [b9f5f0b51269c472425ca48bef1141bf],
PUP.Optional.Conduit.A, C:\Users\Marek KhAola\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx, , [ac02564fe299c27402fd814dd82a7f81],

Fyzické sektory: 0
(No malicious items detected)


(end)

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - zásek PC

#8 Příspěvek od Márty84 »

Vsechny nalezy hodte do karanteny, pak MBAM odinstalujte.


Dejte novy log z RSIT
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#9 Příspěvek od Morph »

Prikladám požadovaný log.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek Khúla at 2014-07-30 22:35:30
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 36 GB (32%) free of 114 GB
Total RAM: 8077 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:33, on 30. 7. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\EKAG20NT.EXE
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marek Khúla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 87.248.214.183 static3.cdn.Ubi.com
O1 - Hosts: 95.140.224.199 static2.cdn.Ubi.com
O1 - Hosts: 87.248.214.183 static1.cdn.Ubi.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [EPSON_UD_START] "C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe" -UDCONNECT
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [F.lux] "C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\folder\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EMP_UDSA - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LucidSvc - LucidLogix - C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12806 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe"
taskeng.exe {5C406F4E-5306-48A5-88D6-D669EE2A3946}
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\MVPControlPanel20.exe" /hide
taskeng.exe {517EA25A-F788-4121-98C6-C4035F5E43FE}
"C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe"
"C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe"
"C:\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 3772
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\PrintIsolationHost.exe -Embedding
"C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"EKAG20NT.EXE" 0200B2F1D7485A5A 0
igfxEM.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f20b8ff7-3518-489d-8e6c-904d81da80a6 -SystemEventPortName:HostProcess-a430dcc9-e573-40c3-8301-1bc71a90b46c -IoCancelEventPortName:HostProcess-fd21700d-d96f-4c18-a28b-7a9a2b441fee -NonStateChangingEventPortName:HostProcess-4a837451-9fc4-4367-935d-7486cb134d7f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:db004255-8213-4a2d-af6d-0906d32751f3 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init
"C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\lucidservices.exe" MVP 2 MVPControlPanel20
\??\C:\Windows\system32\conhost.exe "1616904204-7201679221853766585-574672901353519614272774601358360247-30549464
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe" -Init
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5048.0.1413433255\496557547" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x6819 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.100.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="5048.2.1001731571\781009847" /prefetch:673131151
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="5048.6.416413373\610462602" /prefetch:673131151
"C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\Marek Khúla\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="5048.10.119874212\874223390" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556
"C:\Users\Marek Khúla\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f7ce779dc19.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a4b1e881dc4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000Core1cf6a4e8bc3a8a1.job - C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000UA1cf8d9b5dde311a.job - C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default

prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "keyword.URL" - "https://search.yahoo.com/search?fr=gree ... =501549&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default\searchplugins\
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre8\bin\ssv.dll [2014-07-20 554920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-16 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-07-20 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-16 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-12-12 7560296]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"VIRTU MVP 2.0"=C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\MVPControlPanel20.Exe [2014-04-29 1238248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"Google Update"=C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-11 116648]
"AdobeBridge"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"F.lux"=C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-04 291608]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"EPSON_UD_START"=C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [2009-04-15 329632]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-16 4086432]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
"StartCCC"=C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-17 767200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\appinit_dll.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-30 19:51:37 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Malwarebytes
2014-07-30 19:51:28 ----D---- C:\ProgramData\Malwarebytes
2014-07-30 19:51:27 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-28 23:10:58 ----A---- C:\Windows\PE_Rom.dll
2014-07-28 23:09:13 ----D---- C:\ProgramData\ASUS OC Profiles
2014-07-28 23:07:59 ----D---- C:\Program Files\ASUS
2014-07-28 23:07:14 ----RA---- C:\Windows\system32\drivers\ndisrd.sys
2014-07-28 23:06:00 ----A---- C:\Windows\SYSWOW64\drivers\UpdateHelper.dll
2014-07-28 23:05:18 ----D---- C:\ProgramData\ASUS
2014-07-28 23:00:43 ----D---- C:\ProgramData\mvp
2014-07-28 22:59:53 ----A---- C:\Windows\system32\drivers\VirtuWDDM.sys
2014-07-28 22:59:51 ----D---- C:\ProgramData\Lucidlogix
2014-07-28 22:59:51 ----D---- C:\Program Files\Lucidlogix Technologies
2014-07-28 22:59:51 ----A---- C:\Windows\SYSWOW64\appinit_dll.dll
2014-07-28 22:59:51 ----A---- C:\Windows\system32\appinit_dll.dll
2014-07-28 22:54:12 ----RASHD---- C:\ProgramData\Key-Base
2014-07-28 22:51:40 ----RA---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2014-07-28 22:51:40 ----RA---- C:\Windows\SYSWOW64\AsIO.dll
2014-07-28 22:51:40 ----D---- C:\Program Files (x86)\ASUS
2014-07-28 22:51:37 ----N---- C:\Windows\SYSWOW64\drivers\AsInsHelp64.sys
2014-07-28 22:21:24 ----D---- C:\ProgramData\ATI
2014-07-28 22:19:59 ----D---- C:\Program Files (x86)\AMD AVT
2014-07-28 22:19:37 ----D---- C:\Program Files\AMD
2014-07-28 22:19:21 ----D---- C:\Program Files (x86)\ATI Technologies
2014-07-28 22:19:03 ----D---- C:\Program Files\ATI
2014-07-28 22:18:00 ----D---- C:\AMD
2014-07-28 21:48:36 ----D---- C:\Program Files (x86)\HD Tune
2014-07-28 18:10:52 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-28 18:09:49 ----D---- C:\AdwCleaner
2014-07-28 15:01:33 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Trine2
2014-07-28 09:45:22 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2014-07-28 09:45:14 ----D---- C:\Windows\Sun
2014-07-28 09:41:52 ----A---- C:\Windows\system32\MetroIntelGenericUIFramework.dll
2014-07-28 09:41:51 ----A---- C:\Windows\SYSWOW64\IntelOpenCL32.dll
2014-07-28 09:41:51 ----A---- C:\Windows\SYSWOW64\IntelCpHeciSvc.exe
2014-07-28 09:41:51 ----A---- C:\Windows\SYSWOW64\Intel_OpenCL_ICD32.dll
2014-07-28 09:41:51 ----A---- C:\Windows\SYSWOW64\iglhsip32.dll
2014-07-28 09:41:51 ----A---- C:\Windows\SYSWOW64\iglhcp32.dll
2014-07-28 09:41:51 ----A---- C:\Windows\SYSWOW64\igfxexps32.dll
2014-07-28 09:41:51 ----A---- C:\Windows\SYSWOW64\igfxcmrt32.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\IntelOpenCL64.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\Intel_OpenCL_ICD64.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\iglhsip64.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\iglhcp64.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxTray.exe
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxOSP.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxLHMLibv2_0.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxLHMLib.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxLHM.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxHK.exe
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxext.exe
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxexps.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxEMLibv2_0.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxEMLib.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxEM.exe
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxDTCM.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxDILibv2_0.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxDILib.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxDI.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxDHLibv2_0.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxDHLib.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxDH.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxCUIServicePS.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxCUIService.exe
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxCoIn_v3621.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxcmrt64.dll
2014-07-28 09:41:51 ----A---- C:\Windows\system32\igfxcmjit64.dll
2014-07-28 09:41:50 ----A---- C:\Windows\SYSWOW64\igfxcmjit32.dll
2014-07-28 09:41:50 ----A---- C:\Windows\SYSWOW64\igfx11cmrt32.dll
2014-07-28 09:41:50 ----A---- C:\Windows\SYSWOW64\igdusc32.dll
2014-07-28 09:41:50 ----A---- C:\Windows\SYSWOW64\igdumdim32.dll
2014-07-28 09:41:50 ----A---- C:\Windows\SYSWOW64\igdrcl32.dll
2014-07-28 09:41:50 ----A---- C:\Windows\SYSWOW64\igdmd32.dll
2014-07-28 09:41:50 ----A---- C:\Windows\system32\igfx11cmrt64.dll
2014-07-28 09:41:50 ----A---- C:\Windows\system32\igdusc64.dll
2014-07-28 09:41:50 ----A---- C:\Windows\system32\igdumdim64.dll
2014-07-28 09:41:50 ----A---- C:\Windows\system32\igdrcl64.dll
2014-07-28 09:41:50 ----A---- C:\Windows\system32\igdmd64.dll
2014-07-28 09:41:50 ----A---- C:\Windows\system32\igdfcl64.dll
2014-07-28 09:41:50 ----A---- C:\Windows\system32\drivers\igdkmd64.sys
2014-07-28 09:41:49 ----A---- C:\Windows\SYSWOW64\igdfcl32.dll
2014-07-28 09:41:49 ----A---- C:\Windows\SYSWOW64\igdde32.dll
2014-07-28 09:41:49 ----A---- C:\Windows\SYSWOW64\igdbcl32.dll
2014-07-28 09:41:49 ----A---- C:\Windows\SYSWOW64\igdail32.dll
2014-07-28 09:41:49 ----A---- C:\Windows\SYSWOW64\igd10iumd32.dll
2014-07-28 09:41:49 ----A---- C:\Windows\SYSWOW64\ig7icd32.dll
2014-07-28 09:41:49 ----A---- C:\Windows\system32\igdde64.dll
2014-07-28 09:41:49 ----A---- C:\Windows\system32\igdbcl64.dll
2014-07-28 09:41:49 ----A---- C:\Windows\system32\igdail64.dll
2014-07-28 09:41:49 ----A---- C:\Windows\system32\igd10iumd64.dll
2014-07-28 09:41:49 ----A---- C:\Windows\system32\ig7icd64.dll
2014-07-28 09:41:49 ----A---- C:\Windows\system32\IccLibDll_x64.dll
2014-07-28 09:41:49 ----A---- C:\Windows\system32\Gfxv4_0.exe
2014-07-28 09:41:49 ----A---- C:\Windows\system32\Gfxv2_0.exe
2014-07-28 09:41:49 ----A---- C:\Windows\system32\GfxUIEx.exe
2014-07-28 09:41:49 ----A---- C:\Windows\system32\DPTopologyAppv2_0.exe
2014-07-28 09:41:49 ----A---- C:\Windows\system32\DPTopologyApp.exe
2014-07-28 09:41:49 ----A---- C:\Windows\system32\difx64.exe
2014-07-28 09:41:48 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2014-07-28 09:41:48 ----A---- C:\Windows\system32\CustomModeAppv2_0.exe
2014-07-28 09:41:48 ----A---- C:\Windows\system32\CustomModeApp.exe
2014-07-27 19:03:38 ----D---- C:\rsit
2014-07-27 19:03:38 ----D---- C:\Program Files\trend micro
2014-07-27 11:48:03 ----A---- C:\Windows\system32\drivers\HWiNFO64A.SYS
2014-07-25 23:33:40 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Spotify
2014-07-20 15:07:30 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-07-20 15:07:26 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-20 15:07:26 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-07-20 15:07:26 ----A---- C:\Windows\SYSWOW64\java.exe
2014-07-20 15:07:19 ----D---- C:\Program Files (x86)\Java
2014-07-19 00:41:36 ----D---- C:\Dragon Age
2014-07-19 00:37:10 ----D---- C:\Dragon Age II
2014-07-18 21:57:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-07-16 21:23:02 ----D---- C:\Users\Marek Khúla\AppData\Roaming\AVAST Software
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-07-16 21:22:15 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-07-16 21:22:14 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-07-16 21:22:13 ----A---- C:\Windows\avastSS.scr
2014-07-14 23:52:47 ----D---- C:\Program Files (x86)\ABF software
2014-07-10 23:27:44 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Apple Computer
2014-07-10 23:27:39 ----DC---- C:\Windows\system32\DRVSTORE
2014-07-10 23:27:27 ----D---- C:\ProgramData\Apple Computer
2014-07-10 23:27:27 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-10 23:27:05 ----D---- C:\ProgramData\Apple
2014-07-08 23:28:19 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-07-08 23:28:19 ----A---- C:\Windows\system32\mstscax.dll
2014-07-08 23:11:14 ----A---- C:\Windows\system32\aepdu.dll
2014-07-08 23:11:14 ----A---- C:\Windows\system32\aeinv.dll
2014-07-08 23:10:58 ----A---- C:\Windows\system32\win32k.sys
2014-07-08 23:10:57 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-08 23:10:57 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-08 23:10:57 ----A---- C:\Windows\system32\qedit.dll
2014-07-08 23:10:57 ----A---- C:\Windows\system32\osk.exe
2014-07-08 23:10:57 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-08 23:10:56 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\wdigest.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\schannel.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\kerberos.dll
2014-07-08 23:10:56 ----A---- C:\Windows\system32\credssp.dll
2014-07-08 23:10:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-08 23:10:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-08 23:10:55 ----A---- C:\Windows\system32\iernonce.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-08 23:10:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-08 23:10:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 23:10:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-08 23:10:54 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-08 23:10:53 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\urlmon.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\iesetup.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-08 23:10:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-08 23:10:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-08 23:10:53 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-08 23:10:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\ieui.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\iertutil.dll
2014-07-08 23:10:52 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\wininet.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\vbscript.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\jscript9.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-08 23:10:51 ----A---- C:\Windows\system32\ieframe.dll
2014-07-08 23:10:51 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-08 23:10:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-08 23:10:50 ----A---- C:\Windows\system32\msrating.dll
2014-07-08 23:10:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-08 23:10:50 ----A---- C:\Windows\system32\mshtml.dll
2014-07-08 23:06:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-08 23:06:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 23:06:33 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-08 23:04:22 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-07-08 23:04:22 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-07-08 23:04:22 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-07-08 23:04:22 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-07-08 23:04:21 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\wksprtPS.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\wksprt.exe
2014-07-08 23:04:21 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-07-08 23:04:21 ----A---- C:\Windows\system32\tsgqec.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-07-08 23:04:21 ----A---- C:\Windows\system32\mstsc.exe
2014-07-08 23:04:21 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-07-08 23:04:11 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-07-08 23:04:11 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-07-06 15:25:15 ----RD---- C:\Users\Marek Khúla\AppData\Roaming\SecuROM
2014-07-06 15:24:01 ----D---- C:\Windows\SYSWOW64\URTTEMP
2014-07-06 15:23:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-07-06 15:23:24 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-07-05 23:30:18 ----D---- C:\Users\Marek Khúla\AppData\Roaming\PDM
2014-07-05 18:42:50 ----D---- C:\Users\Marek Khúla\AppData\Roaming\BANDISOFT

======List of files/folders modified in the last 1 month======

2014-07-30 22:35:32 ----D---- C:\Windows\Temp
2014-07-30 22:34:37 ----D---- C:\Windows\system32\config
2014-07-30 22:33:45 ----A---- C:\Windows\SYSWOW64\log.txt
2014-07-30 22:33:34 ----RD---- C:\Program Files (x86)
2014-07-30 22:33:34 ----D---- C:\Windows\system32\drivers
2014-07-30 22:31:48 ----D---- C:\Windows\System32
2014-07-30 22:29:35 ----D---- C:\Windows\PLA
2014-07-30 19:51:28 ----HD---- C:\ProgramData
2014-07-30 17:01:02 ----D---- C:\Windows\tracing
2014-07-30 08:17:40 ----D---- C:\Windows\inf
2014-07-30 08:17:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-30 00:18:55 ----D---- C:\Users\Marek Khúla\AppData\Roaming\TS3Client
2014-07-28 23:10:58 ----D---- C:\Windows
2014-07-28 23:08:00 ----D---- C:\Windows\system32\DriverStore
2014-07-28 23:08:00 ----D---- C:\Windows\system32\catroot
2014-07-28 23:07:59 ----RD---- C:\Program Files
2014-07-28 23:07:57 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-28 23:07:57 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-28 23:07:56 ----SHD---- C:\System Volume Information
2014-07-28 23:07:39 ----D---- C:\ProgramData\InstallShield
2014-07-28 23:05:50 ----D---- C:\Windows\system32\Tasks
2014-07-28 23:05:02 ----A---- C:\Windows\Ascd_tmp.ini
2014-07-28 23:04:49 ----A---- C:\Windows\Language_trs.ini
2014-07-28 22:59:51 ----D---- C:\Windows\SysWOW64
2014-07-28 22:50:54 ----A---- C:\Windows\Ascd_log.ini
2014-07-28 22:37:16 ----D---- C:\Windows\Microsoft.NET
2014-07-28 22:20:00 ----SHD---- C:\Windows\Installer
2014-07-28 22:20:00 ----SHD---- C:\Config.Msi
2014-07-28 22:20:00 ----D---- C:\ProgramData\AMD
2014-07-28 22:19:59 ----D---- C:\Program Files (x86)\Common Files
2014-07-28 22:19:41 ----D---- C:\Windows\system32\catroot2
2014-07-28 22:09:33 ----D---- C:\ProgramData\Origin
2014-07-28 11:17:48 ----RSD---- C:\Windows\assembly
2014-07-28 10:07:08 ----D---- C:\Program Files (x86)\Intel
2014-07-28 10:07:04 ----D---- C:\Program Files\Intel
2014-07-28 10:06:30 ----D---- C:\Intel
2014-07-27 12:06:26 ----D---- C:\ProgramData\Sony
2014-07-27 11:55:51 ----D---- C:\ProgramData\Media Center Programs
2014-07-27 02:32:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-27 02:28:42 ----D---- C:\Program Files\Common Files
2014-07-27 02:27:35 ----D---- C:\ProgramData\Ubisoft
2014-07-27 02:23:45 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Ubisoft
2014-07-25 23:55:17 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Origin
2014-07-25 23:52:01 ----D---- C:\ProgramData\Electronic Arts
2014-07-25 18:35:59 ----D---- C:\Users\Marek Khúla\AppData\Roaming\uTorrent
2014-07-24 17:55:06 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 17:55:05 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-22 19:31:03 ----D---- C:\Windows\SYSWOW64\directx
2014-07-20 16:32:42 ----D---- C:\ProgramData\BioWare
2014-07-20 15:10:45 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-07-20 15:10:44 ----A---- C:\Windows\system32\javaws.exe
2014-07-20 15:10:44 ----A---- C:\Windows\system32\javaw.exe
2014-07-20 15:10:44 ----A---- C:\Windows\system32\java.exe
2014-07-20 15:09:18 ----D---- C:\Users\Marek Khúla\AppData\Roaming\Skype
2014-07-20 15:08:18 ----D---- C:\ProgramData\Skype
2014-07-16 21:22:14 ----D---- C:\Windows\winsxs
2014-07-16 21:22:13 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-16 21:20:04 ----D---- C:\ProgramData\AVAST Software
2014-07-16 17:53:04 ----D---- C:\Windows\debug
2014-07-15 18:39:29 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-07-14 23:41:37 ----RSD---- C:\Windows\Fonts
2014-07-11 23:20:27 ----SHD---- C:\$Recycle.Bin
2014-07-10 00:42:57 ----D---- C:\Windows\rescache
2014-07-09 01:02:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-09 01:02:07 ----D---- C:\Windows\system32\cs-CZ
2014-07-08 23:47:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-08 23:14:39 ----SD---- C:\Windows\system32\CompatTel
2014-07-08 23:14:39 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-08 23:14:39 ----D---- C:\Windows\system32\Dism
2014-07-08 23:14:39 ----D---- C:\Windows\ehome
2014-07-08 23:14:39 ----D---- C:\Program Files\Windows Journal
2014-07-08 23:14:38 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-08 23:14:38 ----D---- C:\Windows\system32\en-US
2014-07-08 23:14:38 ----D---- C:\Program Files\Internet Explorer
2014-07-08 23:14:38 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-08 23:13:54 ----D---- C:\Windows\system32\MRT
2014-07-08 23:13:09 ----A---- C:\Windows\system32\MRT.exe
2014-07-08 23:12:53 ----D---- C:\ProgramData\Microsoft Help
2014-07-08 23:06:51 ----D---- C:\Windows\SYSWOW64\wbem
2014-07-08 23:06:51 ----D---- C:\Windows\system32\wbem
2014-07-08 23:06:51 ----D---- C:\Windows\system32\drivers\en-US
2014-07-06 15:24:39 ----D---- C:\Windows\registration
2014-07-06 15:24:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-16 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-16 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-04 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-08-21 19600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-16 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-16 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-16 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-26 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2014-07-27 31648]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2011-08-12 32360]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-16 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-16 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-16 92008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-09-07 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-09-07 46400]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-03 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-04-18 15376384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-04-18 638976]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-17 26136]
R3 IGFX;IGFX; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-05-21 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-13 4718952]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-05-21 450520]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-04 355096]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-04 786200]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 VirtuWDDM;VirtuWDDM; C:\Windows\system32\DRIVERS\VirtuWDDM.sys [2014-04-29 94440]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2014-01-23 37344]
S3 MWAC;MWAC; \??\C:\Windows\system32\drivers\ []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-04-18 239616]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2011-10-29 918448]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-02-02 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe [2012-01-13 1478272]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-16 50344]
R2 EMP_UDSA;EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [2009-04-15 98304]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-05-21 315352]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-07 277784]
R2 LucidSvc;LucidSvc; C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe [2014-04-29 20712]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-06 66872]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-05-27 160768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-05-21 279000]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\folder\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-07-19 25832]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-14 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - zásek PC

#10 Příspěvek od Márty84 »

Jeste jeden sken a budem mazat.


:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#11 Příspěvek od Morph »

Dobrý deň,

prikladám požadovný log, ale len OTL.txt, pretože ten druhý (Extras.txt) sa mi neotvoril a neviem ho nájsť ani v PC. Logy sa mi podrailo vytvoriť až na 4 pokus, keďže pri prvých 2 (so scriptom aj nastavením) som dostal nejakú chybovú hlášku (bohužiaľ som si nezapísal ani nevyfotil danú hlášku), po reštarte pri 3 pokuse som zabudol dať Váš script, ale log Extrax.txt mi vytvoril, tak som vymazal obe logy a reštartoval PC a skúsil znova tentokrát aj so scriptom a s nastavením čo ste mi napísali a hodil mi už len zmienený log OTL.txt a Extras nikde. Je mi jasné, že som spravil chybu, snaď som toho veľa zlého nespôsobil. Predom ďakujem za odpoveď a ospravedlňujem sa za nedbalosť.


OTL.txt

OTL logfile created on: 31. 7. 2014 18:53:48 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marek Khúla\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

7,89 Gb Total Physical Memory | 5,83 Gb Available Physical Memory | 73,89% Memory free
15,77 Gb Paging File | 13,23 Gb Available in Paging File | 83,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 35,64 Gb Free Space | 31,88% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 587,07 Gb Free Space | 63,02% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Marek Khúla | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/31 17:50:44 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/07/30 22:51:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marek Khúla\Desktop\OTL.exe
PRC - [2014/07/16 21:22:12 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/07/06 15:23:24 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014/06/21 23:54:18 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/04/29 08:37:14 | 001,872,896 | ---- | M] (Software Security System) -- C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\Ekag20nt.exe
PRC - [2013/12/21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/24 00:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
PRC - [2012/02/08 19:10:34 | 001,111,680 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/02/08 14:05:50 | 003,111,552 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
PRC - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
PRC - [2012/02/02 11:56:36 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/01/13 06:44:02 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe
PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/01/04 21:59:50 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/04 14:13:24 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/14 17:13:02 | 001,117,312 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2011/10/29 03:59:26 | 000,918,448 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010/11/21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/10/21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2009/04/15 20:16:44 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe


========== Modules (No Company Name) ==========

MOD - [2014/07/16 21:22:13 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/07/16 21:22:12 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014/05/14 18:50:50 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6b81a58601cb555dd9e63bc05557751b\IAStorUtil.ni.dll
MOD - [2014/05/14 18:21:21 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/04/29 08:58:02 | 000,605,928 | ---- | M] () -- C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\x86\LoaderExtension.dll
MOD - [2014/02/12 10:09:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/12 10:09:36 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/12 10:09:33 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/12 10:09:31 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/12 10:09:24 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/12 10:09:21 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/07/08 14:43:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012/02/09 17:09:38 | 001,118,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012/02/02 15:12:48 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
MOD - [2012/01/20 10:17:16 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
MOD - [2011/12/29 20:45:12 | 001,296,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2011/12/29 11:13:20 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011/12/28 11:18:44 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/10/07 15:30:44 | 001,047,552 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/20 18:11:28 | 000,985,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/09/08 15:23:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/11/13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 04:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/07/16 21:22:12 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/06/19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/05/21 17:15:44 | 000,315,352 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/04/29 09:02:56 | 000,020,712 | ---- | M] (LucidLogix) [Auto | Running] -- C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LucidSvc.exe -- (LucidSvc)
SRV:64bit: - [2014/04/18 03:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/07/19 23:10:34 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\folder\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe -- (DAUpdaterSvc)
SRV - [2014/07/16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/08 23:47:11 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/06 15:23:24 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014/06/06 06:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/21 17:15:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/12/21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Running] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/02 11:56:36 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/01/13 06:44:02 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/29 03:59:26 | 000,918,448 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/10/21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/15 20:16:44 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe -- (EMP_UDSA)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/07/30 22:33:34 | 000,000,000 | ---D | M] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ -- (MWAC)
DRV:64bit: - [2014/07/27 11:48:03 | 000,031,648 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2014/07/16 21:22:20 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/07/16 21:22:14 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/07/16 21:22:14 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/07/16 21:22:14 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/07/16 21:22:13 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/07/16 21:22:13 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/07/16 21:22:13 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/07/16 21:22:13 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/06/26 19:05:09 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/05/21 17:15:40 | 003,791,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (IGFX)
DRV:64bit: - [2014/05/21 17:15:32 | 000,450,520 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/04/29 09:02:58 | 000,094,440 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2014/04/18 04:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/04/18 03:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/12/19 18:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/07 10:50:58 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013/09/07 10:50:58 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013/08/29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 11:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/07/17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/04 21:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/04 21:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/04 21:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/29 11:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/12 12:13:36 | 000,032,360 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/17 19:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010/06/14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/01/03 23:50:28 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2014/01/23 11:22:58 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011/06/02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2010/06/14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 88 F0 8E 03 90 CD 01 [binary data]
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\..\SearchScopes\{EAB43F9D-A7BF-4593-ADA1-4D192DA34647}: "URL" = https://search.yahoo.com/search?fr=chr- ... earchTerms}
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..keyword.URL: "https://search.yahoo.com/search?fr=gree ... =501549&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marek Khúla\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/16 21:22:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2013/01/12 19:58:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek Khúla\AppData\Roaming\mozilla\Extensions
[2013/01/22 11:35:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions
[2013/01/22 11:35:20 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/03/22 19:57:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\Profiles\s2znmqiy.default\extensions
[2014/07/27 22:24:15 | 000,008,141 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\mozilla\firefox\profiles\s2znmqiy.default\searchplugins\yahoo_ff.xml
[2014/06/26 18:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/27 02:32:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.sk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marek KhĂşla\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marek KhĂşla\AppData\Local\Google\Chrome\Application\36.0.1985.125\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Marek KhĂşla\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marek KhĂşla\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Marek KhĂşla\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: AdBlock = C:\Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.9_0\
CHR - Extension: Peněženka Google = C:\Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Balsamiq Mockups = C:\Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbmgaodhjmbklkgkgmlghaekcfhhkk\2.2.42_0\

O1 HOSTS File: ([2013/07/22 23:14:21 | 000,000,938 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 87.248.214.183 static3.cdn.Ubi.com
O1 - Hosts: 95.140.224.199 static2.cdn.Ubi.com
O1 - Hosts: 87.248.214.183 static1.cdn.Ubi.com
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIRTU MVP 2.0] C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\MVPControlPanel20.Exe ()
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EPSON_UD_START] C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1325416706-420989168-3387538490-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1325416706-420989168-3387538490-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1325416706-420989168-3387538490-1000..\Run: [F.lux] C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B358624E-F80C-43E6-8FF4-B404486856FB}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\appinit_dll.dll) - C:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/07/30 22:51:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marek Khúla\Desktop\OTL.exe
[2014/07/30 19:51:37 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\Malwarebytes
[2014/07/30 19:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/30 19:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/07/28 23:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2014/07/28 23:07:59 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2014/07/28 23:07:14 | 000,032,360 | R--- | C] (NT Kernel Resources) -- C:\Windows\SysNative\drivers\ndisrd.sys
[2014/07/28 23:06:00 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2014/07/28 23:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2014/07/28 23:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2014/07/28 23:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\mvp
[2014/07/28 22:59:53 | 000,094,440 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysNative\drivers\VirtuWDDM.sys
[2014/07/28 22:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIRTU MVP 2.0
[2014/07/28 22:59:51 | 000,532,200 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysNative\appinit_dll.dll
[2014/07/28 22:59:51 | 000,482,536 | ---- | C] (Lucidlogix Inc.) -- C:\Windows\SysWow64\appinit_dll.dll
[2014/07/28 22:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\Lucidlogix Technologies
[2014/07/28 22:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Lucidlogix
[2014/07/28 22:54:12 | 000,000,000 | RHSD | C] -- C:\ProgramData\Key-Base
[2014/07/28 22:53:17 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\Lucidlogix
[2014/07/28 22:51:40 | 000,028,672 | R--- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2014/07/28 22:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2014/07/28 22:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/07/28 22:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014/07/28 22:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014/07/28 22:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014/07/28 22:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/07/28 22:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014/07/28 22:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/07/28 22:18:00 | 000,000,000 | ---D | C] -- C:\AMD
[2014/07/28 21:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2014/07/28 21:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2014/07/28 18:10:52 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/07/28 18:09:49 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/28 15:01:33 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\Trine2
[2014/07/28 11:18:23 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\Documents\DeadIsland
[2014/07/28 10:08:00 | 000,000,000 | -HSD | C] -- C:\Users\Marek Khúla\IntelGraphicsProfiles
[2014/07/28 10:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/07/28 09:45:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2014/07/28 09:45:14 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2014/07/28 09:41:52 | 000,734,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\MetroIntelGenericUIFramework.dll
[2014/07/28 09:41:51 | 002,023,936 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2014/07/28 09:41:51 | 001,137,080 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2014/07/28 09:41:51 | 001,132,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2014/07/28 09:41:51 | 000,655,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxDH.dll
[2014/07/28 09:41:51 | 000,501,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxEM.exe
[2014/07/28 09:41:51 | 000,444,376 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTray.exe
[2014/07/28 09:41:51 | 000,373,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxOSP.dll
[2014/07/28 09:41:51 | 000,358,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2014/07/28 09:41:51 | 000,315,352 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCUIService.exe
[2014/07/28 09:41:51 | 000,294,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2014/07/28 09:41:51 | 000,279,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2014/07/28 09:41:51 | 000,267,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxDI.dll
[2014/07/28 09:41:51 | 000,249,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxLHM.dll
[2014/07/28 09:41:51 | 000,244,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxHK.exe
[2014/07/28 09:41:51 | 000,218,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2014/07/28 09:41:51 | 000,212,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxDTCM.dll
[2014/07/28 09:41:51 | 000,191,448 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2014/07/28 09:41:51 | 000,187,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2014/07/28 09:41:51 | 000,183,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2014/07/28 09:41:51 | 000,182,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v3621.dll
[2014/07/28 09:41:51 | 000,158,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2014/07/28 09:41:51 | 000,064,000 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll
[2014/07/28 09:41:51 | 000,060,416 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
[2014/07/28 09:41:51 | 000,031,408 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2014/07/28 09:41:51 | 000,030,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2014/07/28 09:41:50 | 023,048,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2014/07/28 09:41:50 | 016,586,584 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumdim64.dll
[2014/07/28 09:41:50 | 016,114,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdim32.dll
[2014/07/28 09:41:50 | 004,590,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdusc64.dll
[2014/07/28 09:41:50 | 003,791,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2014/07/28 09:41:50 | 003,658,520 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdusc32.dll
[2014/07/28 09:41:50 | 001,755,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2014/07/28 09:41:50 | 001,673,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2014/07/28 09:41:50 | 001,551,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2014/07/28 09:41:50 | 000,182,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2014/07/28 09:41:50 | 000,155,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2014/07/28 09:41:49 | 018,032,640 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2014/07/28 09:41:49 | 017,791,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10iumd64.dll
[2014/07/28 09:41:49 | 017,409,536 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10iumd32.dll
[2014/07/28 09:41:49 | 008,120,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig7icd64.dll
[2014/07/28 09:41:49 | 006,364,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig7icd32.dll
[2014/07/28 09:41:49 | 004,342,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Gfxv4_0.exe
[2014/07/28 09:41:49 | 004,339,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\Gfxv2_0.exe
[2014/07/28 09:41:49 | 000,930,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUIEx.exe
[2014/07/28 09:41:49 | 000,544,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyApp.exe
[2014/07/28 09:41:49 | 000,543,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\DPTopologyAppv2_0.exe
[2014/07/28 09:41:49 | 000,330,240 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2014/07/28 09:41:49 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2014/07/28 09:41:49 | 000,153,048 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2014/07/28 09:41:48 | 000,450,520 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2014/07/28 09:41:48 | 000,393,176 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\CustomModeApp.exe
[2014/07/28 09:41:48 | 000,392,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\CustomModeAppv2_0.exe
[2014/07/27 19:03:38 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/07/27 19:03:38 | 000,000,000 | ---D | C] -- C:\rsit
[2014/07/27 11:48:03 | 000,031,648 | ---- | C] (REALiX(tm)) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS
[2014/07/26 13:12:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games
[2014/07/26 13:12:55 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\Documents\EA Games
[2014/07/25 23:54:53 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\Origin
[2014/07/25 23:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2014/07/25 23:34:42 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\Spotify
[2014/07/25 23:33:40 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\Spotify
[2014/07/25 17:18:44 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\FluxSoftware
[2014/07/23 08:01:03 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\Desktop\Mama veci
[2014/07/22 18:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
[2014/07/20 15:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/07/20 15:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/07/20 15:07:30 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/07/20 15:07:26 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/07/20 15:07:26 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/07/20 15:07:26 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/07/20 15:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/07/19 01:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
[2014/07/19 00:41:36 | 000,000,000 | ---D | C] -- C:\Dragon Age
[2014/07/19 00:37:10 | 000,000,000 | ---D | C] -- C:\Dragon Age II
[2014/07/18 21:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/07/16 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\AVAST Software
[2014/07/16 21:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/07/16 21:22:15 | 001,041,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/07/16 21:22:15 | 000,427,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/07/16 21:22:15 | 000,092,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/07/16 21:22:15 | 000,079,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/07/16 21:22:14 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/07/16 21:22:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/16 17:20:08 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\d2mp
[2014/07/14 23:52:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABF software
[2014/07/10 23:27:44 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\Apple Computer
[2014/07/10 23:27:44 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\Apple Computer
[2014/07/10 23:27:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/07/10 23:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/07/10 23:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/07/10 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\Apple
[2014/07/10 23:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/07/08 23:28:19 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/07/08 23:28:19 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/07/08 23:11:14 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/07/08 23:11:14 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/07/08 23:10:57 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/08 23:10:57 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/08 23:10:57 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/08 23:10:57 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/08 23:10:56 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/07/08 23:10:55 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/08 23:10:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/07/08 23:10:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/08 23:10:54 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/08 23:10:54 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/07/08 23:10:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/08 23:10:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/07/08 23:10:54 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/07/08 23:10:54 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/08 23:10:54 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/07/08 23:10:53 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/08 23:10:53 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/08 23:10:53 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/08 23:10:53 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/08 23:10:53 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/07/08 23:10:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/07/08 23:10:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/08 23:10:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/07/08 23:10:52 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/07/08 23:10:52 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/07/08 23:10:52 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/07/08 23:10:52 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/08 23:10:52 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/08 23:10:52 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/08 23:10:52 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/07/08 23:10:51 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/08 23:10:51 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/07/08 23:10:51 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/07/08 23:10:51 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/07/08 23:10:51 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/07/08 23:10:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/08 23:10:51 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/08 23:10:50 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/07/08 23:10:50 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/08 23:10:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/07/08 23:06:33 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/08 23:04:22 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/07/08 23:04:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/07/08 23:04:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/07/08 23:04:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/07/08 23:04:21 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/07/08 23:04:21 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/07/08 23:04:21 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/07/08 23:04:21 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/07/08 23:04:21 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/07/08 23:04:21 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/07/08 23:04:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/07/08 23:04:21 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/07/08 23:04:21 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/07/08 23:04:21 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/07/08 23:04:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/07/08 23:04:21 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/07/08 23:04:11 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/07/08 23:04:11 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/07/06 15:25:15 | 000,000,000 | R--D | C] -- C:\Users\Marek Khúla\AppData\Roaming\SecuROM
[2014/07/06 15:25:13 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\GameSpy
[2014/07/06 15:25:10 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Local\ApplicationHistory
[2014/07/06 15:24:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2014/07/06 09:42:49 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\Documents\BioWare
[2014/07/05 23:30:18 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\PDM
[2014/07/05 18:42:50 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\BANDISOFT
[2014/07/05 00:51:07 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/07/31 18:54:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/07/31 18:52:47 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f7ce779dc19.job
[2014/07/31 18:52:44 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/07/31 18:52:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/31 18:52:38 | 2056,740,863 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/31 18:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/31 18:32:41 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a4b1e881dc4.job
[2014/07/31 17:59:28 | 000,000,986 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000UA1cf8d9b5dde311a.job
[2014/07/31 17:56:47 | 001,619,998 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/31 17:56:47 | 000,672,502 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/07/31 17:56:47 | 000,666,072 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/31 17:56:47 | 000,147,350 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/07/31 17:56:47 | 000,127,142 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/31 17:55:39 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/31 17:55:39 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/30 23:59:00 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000Core1cf6a4e8bc3a8a1.job
[2014/07/30 22:51:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marek Khúla\Desktop\OTL.exe
[2014/07/28 23:41:27 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/07/28 23:41:27 | 000,000,980 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014/07/28 23:41:27 | 000,000,967 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\TeamSpeak 3 Client.lnk
[2014/07/28 23:41:27 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/07/28 23:41:27 | 000,000,862 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\HWiNFO64 Program.lnk
[2014/07/28 23:27:15 | 004,708,656 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2014/07/28 23:05:02 | 000,038,459 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2014/07/28 23:04:49 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2014/07/28 22:50:54 | 000,050,808 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2014/07/28 21:48:36 | 000,000,932 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\HD Tune.lnk
[2014/07/28 18:09:11 | 001,365,543 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\adwcleaner_3.301.exe
[2014/07/28 11:09:15 | 000,000,202 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Trine 2.url
[2014/07/28 10:08:11 | 000,018,734 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2014/07/28 10:07:16 | 000,000,700 | ---- | M] () -- C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
[2014/07/27 23:01:01 | 000,000,203 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Dead Island Epidemic.url
[2014/07/27 20:59:59 | 000,000,203 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Dead Island Riptide.url
[2014/07/27 18:50:24 | 000,007,597 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Local\Resmon.ResmonCfg
[2014/07/27 16:40:11 | 000,000,202 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Dead Island.url
[2014/07/27 11:48:03 | 000,031,648 | ---- | M] (REALiX(tm)) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS
[2014/07/25 23:52:01 | 000,000,535 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2014/07/25 23:34:42 | 000,001,843 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Spotify.lnk
[2014/07/22 23:37:47 | 000,000,751 | ---- | M] () -- C:\Users\Public\Desktop\Bioshock Infinite.lnk
[2014/07/20 15:10:45 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/07/20 15:10:44 | 000,321,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/07/20 15:10:44 | 000,191,400 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/07/20 15:10:44 | 000,190,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/07/20 15:07:22 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/07/20 15:07:21 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/07/20 15:07:21 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/07/20 15:07:21 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/07/19 01:17:28 | 000,001,540 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2014/07/17 22:25:39 | 000,000,202 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Dragon Age Origins - Ultimate Edition.url
[2014/07/16 21:22:20 | 000,427,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/07/16 21:22:14 | 001,041,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/07/16 21:22:14 | 000,224,896 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/07/16 21:22:14 | 000,092,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/07/16 21:22:13 | 000,307,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/07/16 21:22:13 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/07/16 21:22:13 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/07/16 21:22:13 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/07/16 21:22:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/07/16 21:22:13 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/07/16 10:04:42 | 000,000,200 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Left 4 Dead 2.url
[2014/07/15 17:56:10 | 004,976,056 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/14 23:52:50 | 000,000,097 | ---- | M] () -- C:\Windows\CSS.key
[2014/07/08 23:47:11 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/08 23:47:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/07 22:20:58 | 000,000,000 | ---- | M] () -- C:\dummy.wav
[2014/07/06 18:57:48 | 000,000,199 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Counter-Strike.url
[2014/07/06 18:10:51 | 000,001,143 | ---- | M] () -- C:\Windows\eReg.dat
[2014/07/06 15:25:10 | 000,000,099 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Local\fusioncache.dat
[2014/07/06 15:24:18 | 001,635,884 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/06 15:23:33 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/07/06 15:23:24 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/07/06 15:22:29 | 000,000,202 | ---- | M] () -- C:\Users\Marek Khúla\Desktop\Crysis.url
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/07/30 22:55:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/07/28 23:10:58 | 004,708,656 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2014/07/28 22:59:47 | 000,000,000 | ---- | C] () -- C:\ProgramData\193847656
[2014/07/28 22:51:40 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2014/07/28 22:51:37 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2014/07/28 21:48:36 | 000,000,932 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\HD Tune.lnk
[2014/07/28 18:09:08 | 001,365,543 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\adwcleaner_3.301.exe
[2014/07/28 11:09:15 | 000,000,202 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Trine 2.url
[2014/07/28 10:08:11 | 000,018,734 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2014/07/28 10:07:16 | 000,000,700 | ---- | C] () -- C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
[2014/07/28 09:41:53 | 000,187,348 | RHS- | C] () -- C:\Windows\SysNative\resTHA.cui
[2014/07/28 09:41:53 | 000,180,164 | RHS- | C] () -- C:\Windows\SysNative\resELL.cui
[2014/07/28 09:41:53 | 000,176,020 | RHS- | C] () -- C:\Windows\SysNative\resRUS.cui
[2014/07/28 09:41:53 | 000,161,876 | RHS- | C] () -- C:\Windows\SysNative\resARA.cui
[2014/07/28 09:41:53 | 000,161,332 | RHS- | C] () -- C:\Windows\SysNative\resHEB.cui
[2014/07/28 09:41:53 | 000,161,268 | RHS- | C] () -- C:\Windows\SysNative\resJPN.cui
[2014/07/28 09:41:53 | 000,156,692 | RHS- | C] () -- C:\Windows\SysNative\resFRA.cui
[2014/07/28 09:41:53 | 000,156,676 | RHS- | C] () -- C:\Windows\SysNative\resHUN.cui
[2014/07/28 09:41:53 | 000,154,980 | RHS- | C] () -- C:\Windows\SysNative\resKOR.cui
[2014/07/28 09:41:53 | 000,154,884 | RHS- | C] () -- C:\Windows\SysNative\resITA.cui
[2014/07/28 09:41:53 | 000,154,884 | RHS- | C] () -- C:\Windows\SysNative\resDEU.cui
[2014/07/28 09:41:53 | 000,154,724 | RHS- | C] () -- C:\Windows\SysNative\resROM.cui
[2014/07/28 09:41:53 | 000,154,612 | RHS- | C] () -- C:\Windows\SysNative\resESN.cui
[2014/07/28 09:41:53 | 000,154,180 | RHS- | C] () -- C:\Windows\SysNative\resPLK.cui
[2014/07/28 09:41:53 | 000,154,036 | RHS- | C] () -- C:\Windows\SysNative\resSKY.cui
[2014/07/28 09:41:53 | 000,153,844 | RHS- | C] () -- C:\Windows\SysNative\resNLD.cui
[2014/07/28 09:41:53 | 000,153,284 | RHS- | C] () -- C:\Windows\SysNative\resPTB.cui
[2014/07/28 09:41:53 | 000,153,140 | RHS- | C] () -- C:\Windows\SysNative\resTRK.cui
[2014/07/28 09:41:53 | 000,153,108 | RHS- | C] () -- C:\Windows\SysNative\resCSY.cui
[2014/07/28 09:41:53 | 000,152,980 | RHS- | C] () -- C:\Windows\SysNative\resPTG.cui
[2014/07/28 09:41:53 | 000,152,564 | RHS- | C] () -- C:\Windows\SysNative\resFIN.cui
[2014/07/28 09:41:53 | 000,152,132 | RHS- | C] () -- C:\Windows\SysNative\resHRV.cui
[2014/07/28 09:41:53 | 000,151,684 | RHS- | C] () -- C:\Windows\SysNative\resSVE.cui
[2014/07/28 09:41:53 | 000,151,508 | RHS- | C] () -- C:\Windows\SysNative\resSLV.cui
[2014/07/28 09:41:53 | 000,150,580 | RHS- | C] () -- C:\Windows\SysNative\resNOR.cui
[2014/07/28 09:41:53 | 000,150,068 | RHS- | C] () -- C:\Windows\SysNative\resDAN.cui
[2014/07/28 09:41:53 | 000,148,756 | RHS- | C] () -- C:\Windows\SysNative\resENU.cui
[2014/07/28 09:41:53 | 000,146,980 | RHS- | C] () -- C:\Windows\SysNative\resCHT.cui
[2014/07/28 09:41:53 | 000,146,148 | RHS- | C] () -- C:\Windows\SysNative\resCHS.cui
[2014/07/28 09:41:51 | 002,813,952 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2014/07/28 09:41:51 | 000,254,976 | ---- | C] () -- C:\Windows\SysNative\igfxCPL.cpl
[2014/07/28 09:41:51 | 000,070,144 | ---- | C] () -- C:\Windows\SysNative\igfxCUIServicePS.dll
[2014/07/28 09:41:51 | 000,069,632 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll
[2014/07/28 09:41:51 | 000,057,856 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLib.dll
[2014/07/28 09:41:51 | 000,044,025 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2014/07/28 09:41:51 | 000,043,816 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2014/07/28 09:41:51 | 000,043,494 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2014/07/28 09:41:51 | 000,043,298 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2014/07/28 09:41:51 | 000,043,256 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2014/07/28 09:41:51 | 000,042,079 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2014/07/28 09:41:51 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILib.dll
[2014/07/28 09:41:51 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll
[2014/07/28 09:41:51 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLib.dll
[2014/07/28 09:41:51 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll
[2014/07/28 09:41:51 | 000,005,120 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll
[2014/07/28 09:41:51 | 000,005,120 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll
[2014/07/28 09:41:51 | 000,002,568 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/07/28 09:41:51 | 000,001,125 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2014/07/28 09:41:50 | 000,433,560 | ---- | C] () -- C:\Windows\SysNative\igdmd64.dll
[2014/07/28 09:41:50 | 000,348,088 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/07/28 09:41:49 | 000,223,744 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2014/07/28 09:41:49 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/07/28 09:41:49 | 000,160,256 | ---- | C] () -- C:\Windows\SysNative\igdail64.dll
[2014/07/28 09:41:49 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/07/28 09:41:49 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2014/07/28 09:41:49 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\Gfxv2_0.exe.config
[2014/07/28 09:41:49 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config
[2014/07/28 09:41:49 | 000,000,889 | ---- | C] () -- C:\Windows\SysNative\Gfxv4_0.exe.config
[2014/07/28 09:41:49 | 000,000,889 | ---- | C] () -- C:\Windows\SysNative\DPTopologyApp.exe.config
[2014/07/28 09:41:48 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\CustomModeAppv2_0.exe.config
[2014/07/28 09:41:48 | 000,000,889 | ---- | C] () -- C:\Windows\SysNative\CustomModeApp.exe.config
[2014/07/27 23:01:01 | 000,000,203 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Dead Island Epidemic.url
[2014/07/27 20:59:59 | 000,000,203 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Dead Island Riptide.url
[2014/07/27 18:50:24 | 000,007,597 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Local\Resmon.ResmonCfg
[2014/07/27 16:40:11 | 000,000,202 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Dead Island.url
[2014/07/25 23:52:01 | 000,000,535 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2014/07/25 23:34:42 | 000,001,843 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Spotify.lnk
[2014/07/25 23:34:42 | 000,001,829 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/07/22 18:36:03 | 000,000,751 | ---- | C] () -- C:\Users\Public\Desktop\Bioshock Infinite.lnk
[2014/07/19 01:17:28 | 000,001,540 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Age II.lnk
[2014/07/17 22:25:39 | 000,000,202 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Dragon Age Origins - Ultimate Edition.url
[2014/07/16 21:22:25 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/07/16 21:22:15 | 000,224,896 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/07/16 21:22:15 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/07/16 21:22:15 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/07/16 10:04:42 | 000,000,200 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Left 4 Dead 2.url
[2014/07/14 23:52:50 | 000,000,097 | ---- | C] () -- C:\Windows\CSS.key
[2014/07/07 22:20:58 | 000,000,000 | ---- | C] () -- C:\dummy.wav
[2014/07/06 15:25:10 | 000,000,099 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Local\fusioncache.dat
[2014/07/06 15:23:24 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/07/06 15:23:24 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/07/06 15:22:29 | 000,000,202 | ---- | C] () -- C:\Users\Marek Khúla\Desktop\Crysis.url
[2014/06/07 22:22:30 | 000,001,456 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/05/31 19:55:39 | 000,000,132 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/03/25 14:06:05 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2014/03/11 17:58:27 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2014/03/11 17:58:27 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2014/01/10 00:48:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013/11/03 00:53:56 | 000,017,408 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Local\WebpageIcons.db
[2013/10/08 15:39:08 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/10/08 15:39:08 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/09/17 20:28:27 | 000,000,051 | ---- | C] () -- C:\Users\Marek Khúla\jagex_cl_oldschool_LIVE.dat
[2013/07/21 17:35:14 | 000,000,051 | ---- | C] () -- C:\Users\Marek Khúla\jagex_cl_runescape_LIVE.dat
[2013/07/21 17:35:14 | 000,000,024 | ---- | C] () -- C:\Users\Marek Khúla\random.dat
[2013/01/22 16:53:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/01/22 14:30:40 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/01/22 11:55:56 | 001,635,884 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/09 21:53:30 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2012/12/09 20:34:11 | 000,000,281 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Roaming\GPU MeterV2_Settings.ini
[2012/11/29 18:27:43 | 000,000,132 | ---- | C] () -- C:\Users\Marek Khúla\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
[2012/11/21 15:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/11/20 00:43:55 | 000,001,143 | ---- | C] () -- C:\Windows\eReg.dat
[2012/11/18 17:21:12 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/11/06 22:44:37 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2012/09/28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/09/28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
Naposledy upravil(a) Morph dne 31 črc 2014 18:52, celkem upraveno 1 x.

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#12 Příspěvek od Morph »

========== LOP Check ==========

[2014/06/01 18:37:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\.minecraft
[2014/01/10 00:37:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\.technic
[2014/07/16 21:23:02 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\AVAST Software
[2014/07/05 18:42:50 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\BANDISOFT
[2013/01/22 11:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\DAEMON Tools Lite
[2013/12/29 14:03:22 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Dropbox
[2014/02/26 14:41:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\GameSave Manager 2
[2014/02/27 04:36:04 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\GameSave Manager 3
[2014/06/22 14:16:01 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\GHISLER
[2013/12/16 00:20:17 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\IsolatedStorage
[2014/05/26 11:14:42 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\library_dir
[2014/03/11 00:27:44 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Mumble
[2014/06/29 17:16:55 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Notepad++
[2014/07/25 23:55:17 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Origin
[2014/07/05 23:30:18 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\PDM
[2014/02/02 23:18:45 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\PhotoScape
[2013/09/22 16:58:30 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Publish Providers
[2013/01/22 11:35:20 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\PunkBuster
[2014/05/11 15:32:34 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Samsung
[2013/11/01 00:34:58 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Sony
[2013/10/11 01:21:10 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Sony Creative Software Inc
[2013/09/29 22:20:08 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\SplitMediaLabs
[2014/07/31 18:39:12 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Spotify
[2013/02/25 17:38:27 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Theta
[2014/07/28 15:01:36 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Trine2
[2014/07/30 00:18:55 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\TS3Client
[2013/08/21 00:05:06 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\ts3overlay
[2014/01/10 00:58:52 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Tunngle
[2014/07/27 02:23:45 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Ubisoft
[2014/07/25 18:35:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\uTorrent
[2013/01/22 11:35:21 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Wargaming.net
[2014/05/04 12:39:56 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Warner Bros. Interactive Entertainment

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,552 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/06 12:48:03 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/07/13 05:56:07 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7f7ce779dc19.job
[2014/05/08 01:21:48 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6a4b1e881dc4.job
[2014/05/08 01:46:20 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000Core1cf6a4e8bc3a8a1.job
[2014/06/21 23:54:25 | 000,000,986 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000UA1cf8d9b5dde311a.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012/06/04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2012/06/02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\$WINDOWS.~Q\DATA\Windows\System32\drivers\iaStor.sys
[2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2014/05/30 10:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2013/09/25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2012/08/24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013/09/25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014/05/30 10:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013/03/19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/07/08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/05/08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2013/05/08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[12 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\63220b960edec9049cbd93ce14f64ee8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\63220b960edec9049cbd93ce14f64ee8\*.tmp -> ]
[76 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/06/01 18:37:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\.minecraft
[2014/01/10 00:37:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\.technic
[2014/06/08 00:02:25 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Adobe
[2014/07/11 23:05:43 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Apple Computer
[2013/01/22 16:53:19 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\ATI
[2014/07/16 21:23:02 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\AVAST Software
[2014/07/05 18:42:50 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\BANDISOFT
[2013/01/22 11:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\DAEMON Tools Lite
[2013/12/29 14:03:22 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Dropbox
[2014/02/26 14:41:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\GameSave Manager 2
[2014/02/27 04:36:04 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\GameSave Manager 3
[2014/06/22 14:16:01 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\GHISLER
[2014/06/26 19:05:14 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\GRETECH
[2014/03/18 21:10:16 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Identities
[2013/01/22 11:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Intel Corporation
[2013/12/16 00:20:17 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\IsolatedStorage
[2014/05/26 11:14:42 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\library_dir
[2013/01/22 11:35:18 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Macromedia
[2014/07/30 19:53:31 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Malwarebytes
[2011/04/12 10:45:23 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Media Center Programs
[2014/03/10 14:20:21 | 000,000,000 | --SD | M] -- C:\Users\Marek Khúla\AppData\Roaming\Microsoft
[2013/01/22 11:35:19 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Mozilla
[2014/03/11 00:27:44 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Mumble
[2013/01/22 11:35:20 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Nero
[2014/06/29 17:16:55 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Notepad++
[2014/07/25 23:55:17 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Origin
[2014/07/05 23:30:18 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\PDM
[2014/02/02 23:18:45 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\PhotoScape
[2013/09/22 16:58:30 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Publish Providers
[2013/01/22 11:35:20 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\PunkBuster
[2014/05/11 15:32:34 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Samsung
[2014/07/06 15:25:15 | 000,000,000 | R--D | M] -- C:\Users\Marek Khúla\AppData\Roaming\SecuROM
[2014/07/20 15:09:18 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Skype
[2013/11/01 00:34:58 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Sony
[2013/10/11 01:21:10 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Sony Creative Software Inc
[2013/09/29 22:20:08 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\SplitMediaLabs
[2014/07/31 19:05:17 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Spotify
[2013/02/25 17:38:27 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Theta
[2014/07/28 15:01:36 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Trine2
[2014/07/30 00:18:55 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\TS3Client
[2013/08/21 00:05:06 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\ts3overlay
[2014/01/10 00:58:52 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Tunngle
[2014/07/27 02:23:45 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Ubisoft
[2014/07/25 18:35:59 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\uTorrent
[2013/01/22 11:35:21 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Wargaming.net
[2014/05/04 12:39:56 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\Warner Bros. Interactive Entertainment
[2013/01/22 11:35:21 | 000,000,000 | ---D | M] -- C:\Users\Marek Khúla\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2007/03/22 12:46:42 | 000,126,976 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2014/06/26 19:06:23 | 000,054,432 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Marek Khúla\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/11/30 15:33:39 | 000,010,134 | R--- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/02/24 17:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2014/02/14 14:55:18 | 001,564,992 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2014/02/14 14:55:20 | 000,559,936 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesAgent.exe
[2014/02/14 14:55:26 | 000,277,824 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2014/02/14 14:55:24 | 000,311,616 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2014/02/14 14:49:52 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2014/02/14 14:51:26 | 000,352,768 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2014/02/14 14:50:24 | 000,697,856 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2014/02/14 14:55:28 | 000,067,904 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2014/02/14 14:55:40 | 000,065,856 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\RegisterCOM.exe
[2014/01/23 11:22:36 | 000,055,296 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AdminDelegator.exe
[2014/01/23 11:22:36 | 000,082,944 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2014/01/23 11:22:36 | 000,071,680 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2014/02/14 14:55:32 | 000,845,120 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2014/02/14 14:55:34 | 003,835,040 | ---- | M] (Freeware) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2014/02/14 14:55:36 | 000,624,448 | ---- | M] (ml) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2014/02/06 14:40:22 | 015,480,376 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2014/04/23 14:19:22 | 001,564,992 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2014/04/23 14:19:28 | 000,559,936 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2013/12/30 03:55:30 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2014/04/23 14:19:38 | 000,277,824 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2014/04/23 14:19:34 | 000,311,616 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2014/04/23 14:13:38 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2014/04/23 14:15:14 | 000,352,768 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2014/04/23 14:14:10 | 000,698,368 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2014/04/23 14:19:42 | 000,067,904 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2014/04/23 14:19:54 | 000,065,856 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2014/04/23 11:29:54 | 000,061,016 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AdminDelegator.exe
[2014/04/23 11:29:54 | 000,088,664 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2014/04/23 11:29:54 | 000,077,392 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2014/04/23 14:19:46 | 000,845,120 | ---- | M] (Samsung) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2014/04/23 14:19:48 | 003,835,040 | ---- | M] (Freeware) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2014/04/23 14:19:52 | 000,624,448 | ---- | M] (ml) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2014/04/14 11:31:16 | 016,005,152 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2014/02/14 14:55:36 | 000,624,448 | ---- | M] (ml) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2014/04/23 14:19:52 | 000,624,448 | ---- | M] (ml) -- C:\Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2014/07/25 23:34:41 | 006,162,488 | ---- | M] (Spotify Ltd) -- C:\Users\Marek Khúla\AppData\Roaming\Spotify\spotify.exe
[2014/07/25 23:34:41 | 000,061,496 | ---- | M] (Spotify Ltd) -- C:\Users\Marek Khúla\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2014/07/25 23:34:41 | 000,601,144 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2014/07/25 23:34:41 | 001,178,168 | ---- | M] (Spotify Ltd) -- C:\Users\Marek Khúla\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
[2014/07/05 18:39:21 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\Marek Khúla\AppData\Roaming\uTorrent\uTorrent.exe
[2014/06/17 09:00:13 | 001,271,376 | ---- | M] (BitTorrent Inc.) -- C:\Users\Marek Khúla\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014/06/26 19:01:08 | 001,314,384 | ---- | M] (BitTorrent Inc.) -- C:\Users\Marek Khúla\AppData\Roaming\uTorrent\updates\3.4.2_31893.exe
[2014/07/05 18:39:21 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\Marek Khúla\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/07/28 22:19:56 | 000,053,725 | ---- | M] () -- C:\Windows\system32\CCCInstall_201407282219568485.log
[2014/07/31 18:54:50 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM Startup" = C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup -- [2004/06/16 07:03:26 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"Google Update" = "C:\Users\Marek Khúla\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012/09/11 11:56:14 | 000,116,648 | ---- | M] (Google Inc.)
"AdobeBridge" =
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2014/03/04 11:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd)
"F.lux" = "C:\Users\Marek Khúla\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow -- [2013/10/24 00:39:14 | 001,017,224 | ---- | M] (Flux Software LLC)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/07/31 18:54:52 | 000,000,512 | ---- | M] () MD5=2CB23FCB2A46019029A395AC04B1E770 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011/10/12 17:15:58 | 000,002,732 | ---- | M] () -- \Dragon Age\addins\da2_prc_eye\module\audio\vo\en-us\facialanimations\fxe_eye400_cave_crack.crf
[2011/10/12 17:01:54 | 000,024,154 | ---- | M] () -- \Dragon Age\addins\da2_prc_eye\module\data\cln_eye400_cave_crack.crf
[2012/11/01 01:19:22 | 000,002,077 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\-XBT- Cracked Nexus Mod Manager - Skyrim, Oblivion, Fallout, Etc - NEW.torrent
[2013/02/25 17:26:20 | 000,000,361 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\AC III Crack THETA.torrent
[2013/11/25 20:10:46 | 000,015,773 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Assassin's Creed IV Black Flag - Crack FIX v4 - 3DM [SAVE Fix] -[vtv].torrent
[2014/03/11 02:00:01 | 000,013,154 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Banished_2014_eng_32bit_64bit_cracked.7z.torrent
[2012/11/16 17:25:17 | 000,008,103 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Call.of.Duty.Black.Ops.2.Proper.Crack.Only-3DM.torrent
[2012/11/27 12:52:22 | 000,011,504 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Mafia.II.Crackfix-SKIDROW.1.torrent
[2012/11/27 12:44:09 | 000,011,504 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Mafia.II.Crackfix-SKIDROW.torrent
[2012/11/23 09:33:55 | 000,001,546 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Mass.Effect.ViTALiTY.Crack.only.rar.torrent
[2012/11/18 17:43:51 | 000,006,038 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\rld-bbc2-Mbb-CrackOnly.rar.torrent
[2013/03/29 17:24:46 | 000,005,323 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Update.and.Crack-ASC-II-Mbb.rar.torrent

< *keygen* /s >
[2013/09/22 16:41:27 | 000,017,067 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Sony Vegas Pro 11.0.370 64 bit patch keygen huoyuan.torrent
[2013/09/07 15:21:57 | 000,000,689 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\Two.Worlds.2.Keygen.Fix-RELOADED.torrent

< *AntiWPA* /s >

< *loader* /s >
[2009/07/14 07:09:01 | 000,003,532 | ---- | M] () -- \$INPLACE.~TR\Data\DATA\Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2012/11/30 07:38:44 | 000,003,584 | ---- | M] () -- \$INPLACE.~TR\Machine\DATA\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | ---- | M] () -- \$INPLACE.~TR\Machine\DATA\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/09/11 13:14:04 | 000,000,194 | ---- | M] () -- \$WINDOWS.~Q\DATA\Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2011/02/03 08:32:41 | 000,057,856 | ---- | M] () -- \Dragon Age\bin_ship\physxloader.dll
[2013/01/08 16:05:34 | 003,298,024 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\Photodownloader.exe
[2012/03/13 10:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012/03/13 10:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012/03/13 10:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012/03/13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012/03/13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012/03/13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012/03/13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012/03/13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012/03/13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012/03/13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012/03/13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012/03/13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012/03/13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012/03/13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012/03/13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012/03/13 10:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012/03/13 10:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012/02/23 08:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012/02/23 08:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012/02/23 08:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2012/09/11 13:14:04 | 000,000,194 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/07/18 23:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2011/10/17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011/10/17 13:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011/11/06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011/11/10 15:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013/01/08 16:26:28 | 003,298,024 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012/03/13 10:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012/03/13 10:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012/03/13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012/03/13 10:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012/03/13 10:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2014/07/16 21:22:12 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014/07/16 21:22:12 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014/04/29 09:02:52 | 000,687,336 | ---- | M] () -- \Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\LoaderExtension.dll
[2012/07/29 15:54:30 | 000,000,128 | ---- | M] () -- \Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\Images\WindowUpdate\centerLoader.png
[2012/07/29 15:54:30 | 000,000,174 | ---- | M] () -- \Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\Images\WindowUpdate\LeftLoader.png
[2012/07/29 15:54:30 | 000,000,222 | ---- | M] () -- \Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\Images\WindowUpdate\loader.png
[2012/07/29 15:54:30 | 000,000,169 | ---- | M] () -- \Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\Images\WindowUpdate\rightLoader.png
[2014/04/29 08:58:02 | 000,605,928 | ---- | M] () -- \Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\x86\LoaderExtension.dll
[2012/02/17 20:55:10 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014/04/29 08:50:46 | 000,027,736 | ---- | M] () -- \ProgramData\Lucidlogix\defaultLucidloader.ini
[2012/10/01 13:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012/07/10 00:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2014/04/29 08:50:46 | 000,027,736 | ---- | M] () -- \Users\All Users\Lucidlogix\defaultLucidloader.ini
[2012/10/01 13:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012/07/10 00:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2014/06/18 08:46:54 | 000,755,000 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Adobe\downloader.dll
[2014/06/26 09:46:50 | 000,009,418 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.9_0\img\gifloader.gif
[2014/07/14 07:58:02 | 000,003,072 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtubedownloadersite.com_0.localstorage
[2014/07/14 07:58:02 | 000,003,608 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtubedownloadersite.com_0.localstorage-journal
[2014/07/25 23:48:43 | 000,003,072 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ytddownloader.com_0.localstorage
[2014/07/25 23:48:43 | 000,003,608 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ytddownloader.com_0.localstorage-journal
[2014/03/17 13:35:46 | 000,001,870 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JZ7M4VI\AdLoader[1].htm
[2014/06/02 13:47:40 | 000,001,980 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JZ7M4VI\AdLoader[2].htm
[2014/01/10 01:04:02 | 000,000,723 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JZ7M4VI\downloaderror[1].js
[2014/01/26 12:14:21 | 000,000,723 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JZ7M4VI\downloaderror[2].js
[2014/04/09 10:28:48 | 000,001,174 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JZ7M4VI\downloader[1].js
[2014/06/20 21:01:20 | 000,001,980 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VRO6MH7\AdLoader[1].htm
[2014/06/02 13:47:40 | 000,017,912 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69LLE4ZV\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2013/06/18 20:38:55 | 000,001,511 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\69LLE4ZV\AdLoader[1].htm
[2013/06/18 20:38:55 | 000,109,448 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90PT1ASL\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013/02/25 22:19:39 | 000,001,174 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9RJ90MN\downloader[1].js
[2013/02/25 22:22:21 | 000,001,174 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHGCWWUS\downloader[1].js
[2014/06/02 13:47:48 | 000,001,980 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOS36D09\AdLoader[1].htm
[2014/04/09 10:28:01 | 000,000,723 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JH256GUM\downloaderror[1].js
[2013/02/25 22:19:38 | 000,003,784 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3JIL4CQ\bundleloader[1].js
[2013/02/25 22:19:39 | 000,000,723 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3JIL4CQ\downloaderror[1].js
[2014/04/09 10:28:01 | 000,001,174 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MFLODTT8\downloader[1].js
[2014/04/09 10:28:48 | 000,000,723 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PHA2YPF1\downloaderror[1].js
[2013/02/25 22:22:21 | 000,003,784 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VP1W49FK\bundleloader[1].js
[2013/02/25 22:22:21 | 000,000,723 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VP1W49FK\downloaderror[1].js
[2014/01/10 01:04:02 | 000,001,174 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVKACHXE\downloader[1].js
[2014/01/26 12:14:21 | 000,001,174 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVKACHXE\downloader[2].js
[2014/04/10 13:34:26 | 000,001,870 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YF8E8BBW\AdLoader[1].htm
[2014/03/17 13:35:46 | 000,112,122 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z05QFVJW\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014/07/01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/01/10 01:22:08 | 000,723,663 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\.technic\modpacks\hexxit\ForgeModLoader-client-0.log
[2014/01/10 01:16:51 | 000,000,000 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\.technic\modpacks\hexxit\ForgeModLoader-client-0.log.lck
[2014/01/10 00:46:24 | 000,519,568 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\.technic\modpacks\tekkitmain\ForgeModLoader-client-0.log
[2014/01/10 00:44:43 | 000,000,000 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\.technic\modpacks\tekkitmain\ForgeModLoader-client-0.log.lck
[2012/08/27 21:10:14 | 000,000,847 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\ajax-loader.gif
[2012/08/27 21:10:14 | 000,001,135 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\loader-icon.png
[2012/08/27 21:10:14 | 000,003,208 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img\loader.gif
[2012/08/27 21:10:14 | 000,001,849 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2014/02/14 14:54:18 | 000,069,120 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2014/04/23 14:18:18 | 000,069,120 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2014/04/29 08:50:46 | 000,027,736 | ---- | M] () -- \Users\Marek Khúla\Lucidlogix\defaultLucidloader.ini
[2014/07/31 17:48:13 | 000,000,168 | ---- | M] () -- \Users\Marek Khúla\Lucidlogix\localLucidloader.ini
[2014/07/28 22:55:09 | 000,025,006 | ---- | M] () -- \Users\Marek Khúla\Lucidlogix\lucidloader.ini
[2012/09/11 12:56:36 | 002,705,537 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/04/12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011/04/12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011/04/12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011/04/12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011/04/12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013/01/22 14:27:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013/01/22 14:27:23 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013/01/22 14:27:23 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013/01/22 14:27:23 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013/01/22 14:27:23 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/04/12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#13 Příspěvek od Morph »

< *serial* /s >
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \$INPLACE.~TR\Machine\DATA\Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/12 10:34:10 | 000,011,776 | ---- | M] () -- \$INPLACE.~TR\Machine\DATA\Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011/04/12 10:34:17 | 000,090,112 | ---- | M] () -- \$WINDOWS.~Q\DATA\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/04/12 10:34:17 | 000,090,112 | ---- | M] () -- \$WINDOWS.~Q\DATA\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011/01/22 05:22:33 | 001,015,366 | ---- | M] () -- \Dragon Age\packages\core\env\lt_undercityserialkiller\lt_undercityserialkiller.gpu.rim
[2011/01/22 05:22:33 | 003,296,402 | ---- | M] () -- \Dragon Age\packages\core\env\lt_undercityserialkiller\lt_undercityserialkiller.rim
[2011/01/22 05:22:35 | 009,216,284 | ---- | M] () -- \Dragon Age\packages\core\env\lt_undercityserialkiller\lt_undercityserialkiller_3567.gpu.rim
[2014/05/13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/24 08:16:29 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/04/12 10:34:17 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014/05/13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/24 08:16:45 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/04/12 10:34:17 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014/06/21 16:05:19 | 000,003,120 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Apps\2.0\MBRVHK20.1EP\CB8Z9JA2.H24\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.Common.XmlSerializers.cdf-ms
[2014/06/21 16:05:14 | 000,013,312 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Apps\2.0\MBRVHK20.1EP\CB8Z9JA2.H24\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.Common.XmlSerializers.dll
[2014/06/21 16:05:19 | 000,001,079 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Apps\2.0\MBRVHK20.1EP\CB8Z9JA2.H24\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.Common.XmlSerializers.manifest
[2014/06/21 16:05:14 | 000,013,312 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Apps\2.0\MBRVHK20.1EP\CB8Z9JA2.H24\curs..zers_c85bb4cad3a5dfb5_0001.0000_none_311750f664a5eb21\Curse.CurseClient.Common.XmlSerializers.dll
[2014/07/29 00:05:21 | 002,181,120 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2014/07/29 00:05:21 | 000,006,704 | ---- | M] () -- \Users\Marek Khúla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2013/02/16 20:26:46 | 000,014,939 | ---- | M] () -- \Users\Marek Khúla\AppData\Roaming\uTorrent\AGE OF EMPIRES III + SERIAL.torrent
[2014/07/06 15:24:00 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/02/12 10:09:40 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/12 10:32:20 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014/02/12 10:08:12 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/12 10:24:55 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014/02/12 10:02:44 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/12 10:02:44 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/02/12 10:02:50 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014/02/12 10:02:50 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014/02/12 12:15:41 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014/02/12 12:15:41 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014/02/12 10:28:02 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/12 10:28:02 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/02/12 10:29:04 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014/02/12 10:29:04 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014/02/12 10:31:53 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014/02/12 10:31:53 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013/09/11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2003/02/21 07:26:56 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/09/11 21:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/09/11 21:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011/04/12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/04/12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011/04/12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011/04/12 10:34:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/04/12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011/04/12 10:34:13 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013/01/22 14:27:23 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013/01/22 14:27:23 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/04/12 10:34:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/04/12 10:34:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/04/12 10:33:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012/10/05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012/10/05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011/04/12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010/11/13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/04/12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011/04/12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011/04/12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - zásek PC

#14 Příspěvek od Márty84 »

Morph píše:pretože ten druhý (Extras.txt) sa mi neotvoril a neviem ho nájsť ani v PC
Extras se vytvori jen pri prvnim spusteni. To nevadi, neni dulezity. Tu chybu obcas OTL vyhodi, nikdo nevi proc :D



:arrow: Napiste mi velikost adresare plochy (C:\Users\Marek Khúla\Desktop)




:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
MWAC
AdobeARMservice
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
SwitchBoard

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f7ce779dc19.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a4b1e881dc4.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000Core1cf6a4e8bc3a8a1.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000UA1cf8d9b5dde311a.job
C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default\searchplugins\yahoo_ff.xml

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 88 F0 8E 03 90 CD 01 [binary data]
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1325416706-420989168-3387538490-1000\..\SearchScopes\{EAB43F9D-A7BF-4593-ADA1-4D192DA34647}: "URL" = https://search.yahoo.com/search?fr=chr- ... =501549&p={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..keyword.URL: "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=501549&p="
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
[2013/01/22 11:35:20 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/07/27 22:24:15 | 000,008,141 | ---- | M] () -- C:\Users\Marek Khúla\AppData\Roaming\mozilla\firefox\profiles\s2znmqiy.default\searchplugins\yahoo_ff.xml
O1 - Hosts: 87.248.214.183 static3.cdn.Ubi.com
O1 - Hosts: 95.140.224.199 static2.cdn.Ubi.com
O1 - Hosts: 87.248.214.183 static1.cdn.Ubi.com
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/07/30 19:51:37 | 000,000,000 | ---D | C] -- C:\Users\Marek Khúla\AppData\Roaming\Malwarebytes
[2014/07/30 19:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/07/30 19:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[12 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\63220b960edec9049cbd93ce14f64ee8\*.tmp files -> C:\Windows\SoftwareDistribution\Download\63220b960edec9049cbd93ce14f64ee8\*.tmp -> ]
[76 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=-
"Google Update"=-
"AdobeBridge"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"=-
"ISUSScheduler"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Morph
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 kvě 2013 20:31

Re: Prosím o kontrolu - zásek PC

#15 Příspěvek od Morph »

Dobrý deň,

velikosť adresára C:\Users\Marek Khúla\Desktop je 201 MB. Prikladám požadovaný log.
Predom ďakujem za odpoveď.



All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57311 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Marek Kh

User: Marek Khúla
->Temp folder emptied: 2988863040 bytes
->Temporary Internet Files folder emptied: 281878155 bytes
->Java cache emptied: 11449025 bytes
->FireFox cache emptied: 79165476 bytes
->Google Chrome cache emptied: 295258919 bytes
->Flash cache emptied: 60820 bytes

User: Marek KhŁla

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 401408 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1147878985 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36124915 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4 617,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Marek Kh

User: Marek Khúla
->Flash cache emptied: 0 bytes

User: Marek KhŁla

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service MWAC stopped successfully!
Service MWAC deleted successfully!
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7f7ce779dc19.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a4b1e881dc4.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000Core1cf6a4e8bc3a8a1.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1325416706-420989168-3387538490-1000UA1cf8d9b5dde311a.job moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\Mozilla\Firefox\Profiles\s2znmqiy.default\searchplugins\yahoo_ff.xml moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1325416706-420989168-3387538490-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\First Home Page| /E : value set successfully!
HKU\S-1-5-21-1325416706-420989168-3387538490-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1325416706-420989168-3387538490-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1325416706-420989168-3387538490-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EAB43F9D-A7BF-4593-ADA1-4D192DA34647}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB43F9D-A7BF-4593-ADA1-4D192DA34647}\ not found.
Prefs.js: "Yahoo!" removed from browser.search.defaultenginename
Prefs.js: "Bing " removed from browser.search.order.3
Prefs.js: "Yahoo!" removed from browser.search.selectedEngine
Prefs.js: "https://search.yahoo.com/search?fr=gree ... =501549&p=" removed from keyword.URL
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Plugins folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\modules folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\META-INF folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\lib folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults\preferences folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\skin folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\sl folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\lib folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\core folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI\autoTest folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TESTER_BCAPI folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\404 folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\menu folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\searchProtector folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\images folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\options folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\myStuffDialogs folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js\resources folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\features folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\api folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\res folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\css folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\aboutBox folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468 folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome folder moved successfully.
C:\Users\Marek Khúla\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} folder moved successfully.
File C:\Users\Marek Khúla\AppData\Roaming\mozilla\firefox\profiles\s2znmqiy.default\searchplugins\yahoo_ff.xml not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Marek Khúla\AppData\Roaming\Malwarebytes folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\Program Files (x86)\Malwarebytes' Anti-Malware folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4EBC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6A94.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA91C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD307.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE83.tmp folder deleted successfully.
C:\Windows\Installer\MSI5C15.tmp- folder deleted successfully.
C:\Windows\Installer\MSI5FBD.tmp- folder deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U1389.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U1A7.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U2180.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U244C.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U45AD.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U7E1A.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U7F8E.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4U84CA.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4UBA74.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4UCF.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4UE067.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\x4UFECE.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\63220b960edec9049cbd93ce14f64ee8\BITA65C.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08012014_174327

Files\Folders moved on Reboot...
C:\Users\Marek Khúla\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Marek Khúla\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Zamčeno