VIRY.CZ

prosim o kontorlu logu, kamaratkee nejde uz ani internet cez web broswer a cely PC je spomaleny...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Deniska at 2015-01-17 21:49:50
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 610 GB (85%) free of 715 GB
Total RAM: 3872 MB (54% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 31983136
\??\C:\Windows\system32\conhost.exe "-2288298981218458404-13697044811165287272-27965559633377417-898844430-109618053
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
taskeng.exe {812FDE4D-9107-403A-91DE-3EBEF80BE1FA}
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Windows\System32\igfxtray.exe"
taskeng.exe {37200156-D522-41F5-9816-B411F35C7F64}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Deniska\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3588
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
ATKOSD.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\SysWOW64\mjcm\dnkt.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
KBFiltr.exe
"C:\Windows\System32\tprb\dnkt.exe"
WDC.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Deniska\AppData\Roaming\Spotify\spotify.exe" /uri spotify:logindelay:0
"C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="8144.1.1982731636\337094709" /prefetch:673131151
"C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="8144.2.625612431\707533837" /prefetch:673131151
"C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="8144.3.548110337\1901953701" /prefetch:673131151
"C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="8144.4.751061990\392524651" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2462 --lang=en-US --log-severity=disable /prefetch:822062411
"C:\Program Files (x86)\ICQ7M\ICQ.exe"
"C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="8144.5.471164858\2050187809" /prefetch:673131151
"C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="8144.10.1071468332\657684033" /prefetch:673131151
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\dmwu.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll" --lang=en-US --channel="1988.99.1090779344\1919529410" /prefetch:-390060480
taskeng.exe {D4BACEA5-AD5C-4786-8358-B5946547EF82}
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Users\Deniska\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000Core.job - C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000UA.job - C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-07-09 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Users\Deniska\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-08-02 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-07-09 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
delta Helper Object - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll [2013-01-23 247704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~2\PCTRAN~1\webie.dll [2004-05-13 319488]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Users\Deniska\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll []
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll []
{82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll [2013-01-23 321944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-07-28 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-07-28 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-07-28 416024]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-07-29 2862928]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-03 2277992]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-08-02 961184]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-08-02 798880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Facebook Update"=C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-04 138096]
"Google+ Auto Backup"=C:\Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"iLivid"=C:\Users\Deniska\AppData\Local\iLivid\iLivid.exe -autorun []
"BackgroundContainerV2"=C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544]
"Spotify Web Helper"=C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2015-01-14 1676344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1421312647 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-05-24 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-11-04 13346920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\38A880~1.141\SSSCHE~1.EXE [2014-01-16 329944]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-02-02 2321072]
[10:09:05 PM] Denisa Funtíková: "AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-08-02 4085896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-07-26 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-17 21:49:52 ----D---- C:\Program Files\trend micro
2015-01-17 21:49:50 ----D---- C:\rsit
2015-01-14 20:27:48 ----D---- C:\Users\Deniska\AppData\Roaming\Spotify
2015-01-14 14:19:42 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 14:19:42 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 14:19:41 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 14:19:36 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:19:35 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 14:19:30 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 14:18:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 14:18:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 14:18:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 14:18:17 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 14:18:16 ----A---- C:\Windows\system32\rstrui.exe
2015-01-14 14:18:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 14:18:12 ----A---- C:\Windows\system32\srclient.dll
2014-12-18 16:17:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 16:17:24 ----A---- C:\Windows\system32\ieUnatt.exe

======List of files/folders modified in the last 1 month======

2015-01-17 21:49:57 ----D---- C:\Windows\Temp
2015-01-17 21:49:52 ----D---- C:\Program Files
2015-01-17 21:46:38 ----D---- C:\Windows\Prefetch
2015-01-17 21:45:03 ----D---- C:\Users\Deniska\AppData\Roaming\Skype
2015-01-17 21:40:56 ----RD---- C:\Program Files (x86)
2015-01-17 13:17:40 ----D---- C:\Windows\system32\config
2015-01-16 00:58:56 ----D---- C:\Windows\System32
2015-01-16 00:58:56 ----D---- C:\Windows\inf
2015-01-16 00:58:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-15 10:06:23 ----A---- C:\Windows\SYSWOW64\log.txt
2015-01-15 10:04:11 ----A---- C:\Windows\system32\AutoRunFilter.ini
2015-01-15 03:30:59 ----D---- C:\Windows\winsxs
2015-01-15 03:28:38 ----D---- C:\Windows\SysWOW64
2015-01-15 03:28:36 ----D---- C:\Windows\system32\drivers
2015-01-15 03:27:26 ----D---- C:\Users\Deniska\AppData\Roaming\uTorrent
2015-01-15 03:05:10 ----D---- C:\Windows\system32\MRT
2015-01-15 03:04:50 ----A---- C:\Windows\system32\MRT.exe
2015-01-15 03:02:02 ----SHD---- C:\System Volume Information
2015-01-14 14:48:01 ----D---- C:\Users\Deniska\AppData\Roaming\ICQ
2015-01-14 14:19:17 ----D---- C:\Windows\system32\catroot
2015-01-14 14:19:15 ----D---- C:\Windows\system32\catroot2
2015-01-06 17:58:55 ----D---- C:\Windows\SYSWOW64\mjcm
2015-01-06 17:58:55 ----D---- C:\Windows\system32\tprb
2015-01-06 17:58:39 ----D---- C:\Windows\SYSWOW64\WNLT
2015-01-06 17:58:18 ----D---- C:\Windows\SYSWOW64\ARFC
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe
2015-01-05 17:48:02 ----A---- C:\Windows\system32\dmwu.exe
2015-01-05 17:44:24 ----A---- C:\Windows\system32\ImHttpComm.dll
2015-01-03 21:44:39 ----SHD---- C:\Windows\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-09 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-10-17 28992]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-08-21 19600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-09 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-23 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-09 427360]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-12-19 64288]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-10-31 85936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-09 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-09 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-09 92008]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-22 130024]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-22 395752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-10-04 2770944]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-08-02 30368]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-07-29 309584]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-07-26 12288480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-11-08 2945640]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-09-19 108656]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-08-02 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-08-02 330912]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-08-02 110240]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 280992]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-08-02 511136]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys [2007-06-19 107048]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-03 277120]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-02 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-08-02 103584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-07-09 50344]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2015-01-05 3039536]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-17 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-17 2253120]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-05-23 654848]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 107912]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-23 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-20 267440]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Dobry vecer

Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic

dobry vecer, kamaratka nevie... ja ten PC fyzicky tu nemam...

Ulozte na plochu OTL http://oldtimer.geekstogo.com/OTL.exe

kliknete pravym na ikonu OTL a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
zatrhnete moznosti Pro vsechny uzivatele, Kontrola na havet "LOP", Kontrola na havěť "Purity"
do okna dole (Custom Scans/Fixes) zkopirujte script, ktery je nize
zbytek ponechte, jak je a kliknete na Prohledat
vysledne logy (OTL.txt a Extras.txt) budou dlouhe, takze je rozdelte do vice prispevku (odpovedi)

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kód: Vybrat vše

,..

OTL logfile created on: 18. 1. 2015 00:02:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Deniska\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

3,78 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 35,61% Memory free
7,56 Gb Paging File | 4,03 Gb Available in Paging File | 53,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,64 Gb Total Space | 596,67 Gb Free Space | 85,40% Space Free | Partition Type: NTFS

Computer Name: NOTBUCIK | User Name: Deniska | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/01/17 22:29:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deniska\Desktop\OTL.exe
PRC - [2015/01/14 20:28:46 | 006,737,976 | ---- | M] (Spotify Ltd) -- C:\Users\Deniska\AppData\Roaming\Spotify\spotify.exe
PRC - [2015/01/14 20:28:38 | 000,374,840 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2015/01/05 17:48:06 | 000,781,616 | ---- | M] () -- C:\Windows\SysWOW64\mjcm\dnkt.exe
PRC - [2014/12/06 02:50:53 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/12/03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/02 20:37:52 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\avastui.exe
PRC - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/07/09 08:36:50 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/05/07 11:13:34 | 002,037,248 | ---- | M] (AB Team) -- C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
PRC - [2012/05/24 01:01:43 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2012/05/23 19:51:31 | 000,127,040 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7M\ICQ.exe
PRC - [2012/02/03 15:24:50 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012/02/03 14:40:42 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012/02/02 15:33:32 | 002,321,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2012/01/09 09:09:56 | 001,556,128 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/12/23 15:39:38 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/12/22 18:58:42 | 000,318,080 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011/11/21 13:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011/10/24 16:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2011/10/17 03:44:00 | 002,253,120 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/03 10:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011/08/02 22:31:22 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010/12/21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/07/09 21:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
PRC - [2009/06/19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008/12/22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 20:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/09/02 21:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

========== Modules (No Company Name) ==========

MOD - [2015/01/14 20:28:42 | 036,966,968 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2015/01/14 20:28:40 | 000,108,600 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\libEGL.dll
MOD - [2015/01/14 20:28:38 | 000,886,840 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\libGLESv2.dll
MOD - [2015/01/14 20:28:38 | 000,867,896 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
MOD - [2015/01/14 20:28:38 | 000,374,840 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2015/01/05 17:48:06 | 001,710,384 | ---- | M] () -- C:\Windows\SysWOW64\mjcm\5154\nsib.dll
MOD - [2015/01/05 17:48:06 | 000,781,616 | ---- | M] () -- C:\Windows\SysWOW64\mjcm\dnkt.exe
MOD - [2014/10/16 14:51:52 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/16 14:50:39 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/16 14:50:16 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/16 14:49:59 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/16 14:49:46 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 14:49:15 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/16 14:49:04 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/16 14:48:46 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/16 14:48:26 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 09:23:47 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/07/09 08:36:53 | 019,329,904 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2014/07/09 08:36:51 | 000,301,152 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswProperty.dll
MOD - [2012/04/08 23:42:58 | 004,427,264 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\FFDShow\ffmpeg.dll
MOD - [2012/04/08 23:40:34 | 003,470,848 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\FFDShow\ffdshow.ax
MOD - [2012/01/31 08:25:12 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2012/01/12 16:17:14 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2009/08/11 20:21:20 | 001,021,440 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\AC3 Filter\ac3filter_intl.dll
MOD - [2009/08/11 20:19:04 | 000,797,184 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\AC3 Filter\ac3filter.ax
MOD - [2007/09/02 21:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 21:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
MOD - [2005/08/14 21:09:38 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\Webteh\BSPlayer\plugins\oldskin.dll

========== Services (SafeList) ==========

SRV:64bit: - [2015/01/05 17:48:02 | 003,039,536 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService)
SRV:64bit: - [2014/11/22 03:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/07/09 08:36:50 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/01/16 01:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/03/04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/12/03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/20 09:43:17 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/14 17:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/05/23 17:02:41 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/02/03 15:24:50 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/11/21 13:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/10/17 03:44:00 | 002,253,120 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/02 22:31:22 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/08/02 22:13:24 | 000,103,584 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/12/21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/11/23 20:37:38 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/07/09 08:37:52 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/07/09 08:37:04 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/07/09 08:37:04 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/07/09 08:37:04 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/07/09 08:37:04 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/07/09 08:37:04 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/07/09 08:37:03 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/12/19 14:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/21 10:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/07/29 21:12:56 | 000,309,584 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/22 14:21:46 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/22 14:21:46 | 000,130,024 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/10/17 03:44:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/10/04 07:49:32 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/09/19 08:54:46 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/08/02 22:22:52 | 000,511,136 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/08/02 22:22:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/08/02 22:21:50 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/08/02 22:21:20 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/08/02 22:21:04 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/08/02 22:20:50 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/08/02 22:20:34 | 000,110,240 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011/08/02 22:20:18 | 000,330,912 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/07/26 09:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/04/26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/18 06:36:18 | 000,074,840 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/10/20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/11/02 09:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/07/20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/10/31 08:00:24 | 000,085,936 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2008/05/23 16:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/06/19 07:50:46 | 000,107,048 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816bus.sys -- (s816bus)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2011/09/07 08:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO_)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 16:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {1E110449-9A0A-436E-AB99-8123E681EB6A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119776 ... 08CACF3AF5
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A8 15 77 37 44 39 CD 01 [binary data]
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\SearchScopes,DefaultScope = {1E110449-9A0A-436E-AB99-8123E681EB6A}
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchT ... 08CACF3AF5
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\SearchScopes\{1E110449-9A0A-436E-AB99-8123E681EB6A}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT3220468
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://mysearch.sweetpacks.com?src=6&q= ... 2736759102
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A8 15 77 37 44 39 CD 01 [binary data]
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-899002400-3667767954-2353274250-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Deniska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2014/07/09 08:37:05 | 000,000,000 | ---D | M]

[2012/10/07 12:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deniska\AppData\Roaming\Mozilla\Firefox\extensions
[2012/10/07 12:19:20 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Deniska\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/06/14 14:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012/10/07 11:46:42 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2013/03/27 19:26:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0\extensions
[2012/07/31 12:59:18 | 000,221,380 | ---- | M] () (No name found) -- C:\Users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi
[2012/10/04 16:57:36 | 000,214,514 | ---- | M] () (No name found) -- C:\Users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\TorrentHandler@TorrentHandler.com.xpi
[2013/03/27 19:27:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\internal-nacl-plugin
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Disabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Deniska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.16.3_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_1\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbbohnodglnladfiabdknifodljiomo\2012.11.6.42260_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.16.3_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_1\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbbohnodglnladfiabdknifodljiomo\2012.11.6.42260_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll猀 File not found
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3:HKU - HKU\S-1-5-21-899002400-3667767954-2353274250-1000\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Users\Deniska\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll File not found
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\Run: [BackgroundContainerV2] C:\Users\Deniska\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (ClientConnect Ltd.)
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\Run: [Facebook Update] C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\Run: [Google+ Auto Backup] C:\Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\Run: [iLivid] "C:\Users\Deniska\AppData\Local\iLivid\iLivid.exe" -autorun File not found
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\Run: [Spotify Web Helper] C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1001..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1000..\RunOnce: [Adobe Speed Launcher] 1421312647 File not found
O4 - HKU\S-1-5-21-899002400-3667767954-2353274250-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : &Nastavi prekladaè - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files (x86)\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preloži &oznaèený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files (x86)\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preloži &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files (x86)\PC Translator\webie.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.4.140
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58FAF9F7-5828-4970-AE95-17C96F64593B}: DhcpNameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B83BD1A6-8E02-4B84-93C4-43B17A47A720}: DhcpNameServer = 192.168.4.140
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5aa7fac2-a559-11e1-b378-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5aa7fac2-a559-11e1-b378-806e6f6e6963}\Shell\AutoRun\command - "" = D:\InstAll.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\SysWow64\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015/01/17 22:29:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Deniska\Desktop\OTL.exe
[2015/01/17 21:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/01/17 21:49:50 | 000,000,000 | ---D | C] -- C:\rsit
[2015/01/16 01:02:04 | 000,000,000 | ---D | C] -- C:\Users\Deniska\Desktop\Searching For Sugar Man 2012 BRRip XviD AC3 - HDSI
[2015/01/16 01:01:46 | 000,000,000 | ---D | C] -- C:\Users\Deniska\Desktop\Frances ha (2012) CRITERION 720p 5.1 BRRiP x264 AAC [Team Nanban]
[2015/01/14 20:28:51 | 000,000,000 | ---D | C] -- C:\Users\Deniska\AppData\Local\Spotify
[2015/01/14 20:27:48 | 000,000,000 | ---D | C] -- C:\Users\Deniska\AppData\Roaming\Spotify
[1 C:\Users\Deniska\Desktop\*.tmp files -> C:\Users\Deniska\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/01/18 00:08:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/01/17 23:59:02 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/17 23:35:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/01/17 22:29:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deniska\Desktop\OTL.exe
[2015/01/17 21:44:47 | 001,222,144 | ---- | M] () -- C:\Users\Deniska\Desktop\RSITx64.exe
[2015/01/17 21:35:07 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000UA.job
[2015/01/17 18:47:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/01/17 15:59:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/16 00:58:56 | 000,797,890 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/16 00:58:56 | 000,674,062 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/16 00:58:56 | 000,126,238 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/15 10:17:06 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/15 10:17:06 | 000,020,880 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/15 10:04:11 | 000,002,050 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2015/01/15 10:03:25 | 3045,109,760 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/15 00:33:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000Core.job
[2015/01/14 20:28:49 | 000,001,815 | ---- | M] () -- C:\Users\Deniska\Desktop\Spotify.lnk
[2015/01/05 17:48:02 | 003,039,536 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2015/01/05 17:44:24 | 000,033,792 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[1 C:\Users\Deniska\Desktop\*.tmp files -> C:\Users\Deniska\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/01/17 22:42:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/01/17 21:44:16 | 001,222,144 | ---- | C] () -- C:\Users\Deniska\Desktop\RSITx64.exe
[2015/01/17 01:48:24 | 733,810,688 | ---- | C] () -- C:\Users\Deniska\Desktop\Restart.avi
[2015/01/16 01:03:53 | 183,611,392 | ---- | C] () -- C:\Users\Deniska\Desktop\Archer.2009.S01E02.DVDRip.XViD-OSiTV.avi
[2015/01/16 01:03:47 | 183,498,752 | ---- | C] () -- C:\Users\Deniska\Desktop\Archer.2009.S01E01.DVDRip.XViD-OSiTV.avi
[2015/01/14 20:28:49 | 000,001,815 | ---- | C] () -- C:\Users\Deniska\Desktop\Spotify.lnk
[2015/01/14 20:28:49 | 000,001,801 | ---- | C] () -- C:\Users\Deniska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/03/03 23:00:04 | 000,790,504 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/06/11 21:49:28 | 000,004,608 | ---- | C] () -- C:\Users\Deniska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/07 20:44:55 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\AIMP3
[2014/01/20 23:26:18 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\AVAST Software
[2013/03/27 19:27:32 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\BabSolution
[2013/03/27 19:27:03 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Babylon
[2013/10/21 22:28:32 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\BSplayer
[2013/07/25 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\BSplayer Pro
[2013/03/27 19:27:26 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Delta
[2012/05/23 16:54:51 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\GHISLER
[2015/01/14 14:48:01 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\ICQ
[2015/01/17 22:30:53 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Spotify
[2015/01/15 03:27:26 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,528 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/23 16:49:11 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/05/23 16:49:14 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/03/04 08:39:49 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/12/04 00:28:21 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000Core.job
[2013/12/04 00:28:22 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000UA.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012/06/02 05:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2012/04/24 05:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 05:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2013/05/10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012/06/02 06:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2012/04/24 06:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2013/10/05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2012/04/24 05:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012/06/04 08:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013/05/10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009/07/14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012/06/02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012/06/02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009/07/14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012/04/24 06:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012/06/02 06:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013/05/10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2012/04/24 06:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2013/05/13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012/06/02 05:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012/04/24 06:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2013/10/05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[2012/06/02 05:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll
[2012/04/24 05:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/11/11 17:48:40 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/11/11 17:45:47 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/11 17:48:40 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/11/11 17:45:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/11/11 17:48:40 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/11/11 17:45:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/11/11 17:48:40 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/11/11 17:45:47 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011/04/26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\drivers\iaStor.sys
[2011/04/26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_16d1c1de1eca8452\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2014/05/30 09:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2011/11/17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2011/11/17 08:05:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2014/04/12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014/04/12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014/04/12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014/04/12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18637_none_045ddc5573785d26\lsass.exe
[2014/09/19 10:42:18 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=341655B216721D89CADE9DEA2F33872F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18606_none_047d4bcf7360effc\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014/04/12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014/04/12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22736_none_04e678d68c96e399\lsass.exe
[2014/04/12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2014/04/12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22843_none_04d8a9f28ca1b0ac\lsass.exe
[2012/06/04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2014/09/19 10:47:37 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=B84317193B6A29F5F5DCF538C34FDCED -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22814_none_04fa1a008c887630\lsass.exe
[2012/06/02 06:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 07:42:52 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe
[2013/09/25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014/05/30 09:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010/11/20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 14:33:48 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2011/03/11 07:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2011/03/11 07:25:53 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014/04/12 03:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014/04/12 03:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22908_none_0af90a3548e32446\smss.exe
[2013/03/19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013/03/19 04:20:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7180204786A9DED8723B2D8CF3CDD388 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.21490_none_08a94e494c0cfd0a\smss.exe
[2013/08/29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/07/08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013/03/19 04:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=FA64733BD65F52712F0545F56FDB4BE6 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.17273_none_0838504e32dc743c\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/05/08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2010/11/11 17:50:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013/01/04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012/03/30 11:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012/03/30 12:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013/01/03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/08/22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/11/11 17:50:16 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013/05/08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013/01/03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013/01/04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012/08/22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2010/11/11 17:48:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/11/11 17:48:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[30 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0e2956b1d7b18dc8f467b7ddc709ca77\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0e2956b1d7b18dc8f467b7ddc709ca77\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6b485d2d6eabb904fae574b9996e5530\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6b485d2d6eabb904fae574b9996e5530\*.tmp -> ]
[36 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/01/21 12:17:46 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Adobe
[2013/10/07 20:44:55 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\AIMP3
[2012/05/24 00:38:25 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Atheros
[2014/01/20 23:26:18 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\AVAST Software
[2013/03/27 19:27:32 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\BabSolution
[2013/03/27 19:27:03 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Babylon
[2013/10/21 22:28:32 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\BSplayer
[2013/07/25 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\BSplayer Pro
[2013/03/27 19:27:26 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Delta
[2012/05/23 16:54:51 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\GHISLER
[2012/11/28 09:53:26 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\GRETECH
[2015/01/14 14:48:01 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\ICQ
[2012/05/24 05:55:35 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Identities
[2012/05/24 00:26:11 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\InstallShield
[2012/05/23 17:32:06 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Macromedia
[2009/07/14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Media Center Programs
[2012/05/23 16:52:08 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Media Player Classic
[2014/10/19 12:00:21 | 000,000,000 | --SD | M] -- C:\Users\Deniska\AppData\Roaming\Microsoft
[2012/10/07 11:46:42 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Mozilla
[2012/05/23 16:52:42 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Real
[2015/01/18 00:41:29 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Skype
[2015/01/17 22:30:53 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\Spotify
[2015/01/15 03:27:26 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\uTorrent
[2012/05/23 16:52:00 | 000,000,000 | ---D | M] -- C:\Users\Deniska\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013/06/06 10:23:16 | 000,004,608 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BabSolution\Shared\BabMaint.exe
[2013/02/25 15:37:03 | 000,011,344 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BabSolution\Shared\BUSUninstall.exe
[2013/06/16 09:40:51 | 000,389,632 | ---- | M] (Babylon Ltd.) -- C:\Users\Deniska\AppData\Roaming\BabSolution\Shared\GUninstaller.exe
[2009/08/11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012/10/11 08:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 09:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 09:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 09:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 14:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014/01/07 17:16:33 | 000,071,894 | R--- | M] () -- C:\Users\Deniska\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/12/21 15:26:58 | 000,071,894 | R--- | M] () -- C:\Users\Deniska\AppData\Roaming\Microsoft\Installer\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}\GPUploader.exe
[2015/01/14 20:28:46 | 006,737,976 | ---- | M] (Spotify Ltd) -- C:\Users\Deniska\AppData\Roaming\Spotify\spotify.exe
[2015/01/14 20:28:44 | 000,061,496 | ---- | M] (Spotify Ltd) -- C:\Users\Deniska\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2015/01/14 20:28:38 | 000,374,840 | ---- | M] () -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
[2015/01/14 20:28:40 | 001,676,344 | ---- | M] (Spotify Ltd) -- C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/01/15 10:06:23 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersi >

< on\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/01/18 00:08:04 | 000,000,512 | ---- | M] () MD5=7A21CF9F13995949A22C08FAC51CA1A3 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013/10/21 20:34:01 | 008,108,711 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\2008 - A Hundred Million Suns [1785259]\02 - Crack The Shutters.mp3
[2013/10/21 20:52:22 | 008,167,877 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\2009 - Up To Now [2722002(86)]\CD 1\03 - Crack The Shutters.mp3
[2013/10/21 20:22:25 | 007,993,319 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Live's\2009 - iTunes Live From London EP\01 - Crack the Shutters (Live).m4a
[2013/10/21 20:29:43 | 007,217,545 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Live's\2009 - iTunes Live London Festival '09\01 - Crack the Shutters (Live).m4a
[2013/10/22 11:34:42 | 008,205,582 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2008 - Crack The Shutters\01 - Crack the Shutters.mp3
[2013/10/21 20:28:38 | 000,361,295 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2009 - Crack The Shutters [1795274]\00-snow_patrol_-_crack_the_shutters-cdm-2009-cover.jpg
[2013/10/21 20:28:46 | 000,000,184 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2009 - Crack The Shutters [1795274]\00-snow_patrol_-_crack_the_shutters-cdm-2009.m3u
[2013/10/21 20:28:46 | 000,000,978 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2009 - Crack The Shutters [1795274]\00-snow_patrol_-_crack_the_shutters-cdm-2009.nfo
[2013/10/21 20:28:46 | 000,000,224 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2009 - Crack The Shutters [1795274]\00-snow_patrol_-_crack_the_shutters-cdm-2009.sfv
[2013/10/22 11:35:30 | 005,367,440 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2009 - Crack The Shutters [1795274]\01-snow_patrol_-_crack_the_shutters.mp3
[2013/10/22 11:35:31 | 007,461,239 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2009 - Crack The Shutters [1795274]\03-snow_patrol_-_crack_the_shutters_(haunts_remix).mp3
[2013/10/22 11:35:31 | 005,661,560 | ---- | M] () -- \Users\Deniska\Music\Snow Patrol\Singles\2009 - Crack The Shutters [1795274]\04-snow_patrol_-_crack_the_shutters_(kid_gloves_remix).mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2007/03/15 03:21:36 | 004,937,904 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007/03/15 01:07:28 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007/03/15 01:07:28 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007/03/15 01:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007/03/15 01:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007/03/15 01:07:30 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007/03/15 01:10:18 | 000,088,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:20 | 000,025,188 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:26 | 000,032,022 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:28 | 000,032,216 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:30 | 000,027,655 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:36 | 000,030,891 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:38 | 000,032,399 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:42 | 000,032,333 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:42 | 000,032,393 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:46 | 000,022,871 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:48 | 000,025,272 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:50 | 000,032,109 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:50 | 000,032,441 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:52 | 000,032,499 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:54 | 000,032,074 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:56 | 000,032,110 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:10:58 | 000,024,996 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:00 | 000,031,772 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:02 | 000,024,463 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:04 | 000,025,054 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:06 | 000,032,171 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:06 | 000,024,411 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:08 | 000,025,525 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:10 | 000,032,741 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007/03/15 01:11:10 | 000,032,833 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007/03/09 00:35:32 | 000,004,239 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2006/10/26 21:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 21:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014/01/06 19:47:02 | 000,000,702 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014/01/06 19:47:02 | 000,000,790 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_debug.fen
[2014/01/06 19:47:02 | 000,000,723 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_download.fen
[2014/01/06 19:47:02 | 000,000,694 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013/02/09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_main.fen
[2014/01/06 19:47:04 | 000,000,634 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014/01/06 19:47:04 | 000,002,283 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014/01/06 19:47:04 | 000,001,417 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_options.fen
[2014/01/06 19:47:04 | 000,001,330 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014/01/06 19:47:04 | 000,002,541 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014/01/06 19:47:04 | 000,002,109 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014/01/06 19:47:04 | 000,000,956 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014/01/06 19:47:04 | 000,001,080 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014/01/06 19:47:04 | 000,001,139 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 19:47:04 | 000,002,181 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_welcome.fen
[2012/05/23 19:51:30 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/05/23 19:51:30 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/05/23 19:51:30 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/04/20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012/05/23 21:20:50 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2014/09/22 16:37:34 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\rps\preloader02.swf
[2012/04/20 10:29:39 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\zoopaloola\preloader02.swf
[2012/05/09 22:53:20 | 000,062,308 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\jdownloader.png
[2012/05/09 07:11:06 | 000,055,233 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\orbit_downloader.png
[2008/11/10 03:39:36 | 000,032,584 | ---- | M] () -- \Program Files (x86)\RocketDock\Icons\samsung_java_uploader.png
[2008/06/21 03:13:32 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2014/07/09 08:36:50 | 000,071,968 | ---- | M] () -- \Program Files\Alwil Software\Avast5\aswWrcIELoader32.exe
[2014/07/09 08:36:50 | 000,085,376 | ---- | M] () -- \Program Files\Alwil Software\Avast5\aswWrcIELoader64.exe
[2014/08/13 13:14:30 | 000,009,418 | ---- | M] () -- \Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.16.3_0\img\gifloader.gif
[2014/08/05 22:33:08 | 000,018,544 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QHDF3A4\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014/06/01 17:12:21 | 000,017,912 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QHDF3A4\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014/09/08 23:22:46 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QHDF3A4\AdLoader[1].htm
[2014/08/05 22:32:56 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QHDF3A4\AdLoader[2].htm
[2014/10/16 09:35:29 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QHDF3A4\AdLoader[3].htm
[2014/04/18 02:52:59 | 000,001,891 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QHDF3A4\preloader[1].js
[2013/11/03 12:38:46 | 000,110,642 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WXMLO45\AdLoader-05424a4ab7d836fbf1bc3b5c2b3458f1.min[1].js
[2013/09/15 12:27:21 | 000,109,505 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WXMLO45\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2013/10/24 13:35:23 | 000,110,751 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WXMLO45\AdLoader-d40a84753bed078348a772ed17f771c5.min[1].js
[2014/02/20 19:13:09 | 000,001,870 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WXMLO45\AdLoader[1].htm
[2013/10/03 08:09:55 | 000,002,832 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WXMLO45\ImageLoader[1].gif
[2014/03/05 18:19:47 | 000,112,122 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\87WRF6TE\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014/01/18 14:28:55 | 000,001,537 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\87WRF6TE\AdLoader[1].htm
[2014/04/01 20:33:50 | 000,001,870 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\87WRF6TE\AdLoader[2].htm
[2013/07/25 21:04:14 | 000,009,267 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\87WRF6TE\universaldownloader-prefetch[1].htm
[2014/11/11 20:53:05 | 000,019,075 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPCIMPS0\AdLoader-1e2a66f59d6cdbb4b88978ac4dfd3746.min[1].js
[2014/06/01 17:12:18 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPCIMPS0\AdLoader[1].htm
[2014/06/09 18:45:30 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPCIMPS0\AdLoader[2].htm
[2014/11/11 20:53:05 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPCIMPS0\AdLoader[4].htm
[2014/11/12 06:36:47 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPCIMPS0\AdLoader[5].htm
[2014/09/22 16:34:01 | 000,000,410 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPCIMPS0\preloader[1].htm
[2014/04/18 02:53:00 | 000,002,931 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPCIMPS0\preloader[1].swf
[2013/04/21 14:03:55 | 000,000,673 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FS2SPWVF\loader_b[1].gif
[2014/02/20 19:13:10 | 000,111,819 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0GDD8YR\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014/01/18 14:28:57 | 000,110,991 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0GDD8YR\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2014/03/05 18:19:46 | 000,001,870 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0GDD8YR\AdLoader[1].htm
[2014/03/06 13:22:26 | 000,000,969 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0GDD8YR\ImageLoader[1].gif
[2014/03/06 13:22:26 | 000,001,381 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0GDD8YR\ImageLoader[3].gif
[2013/04/21 14:03:55 | 000,009,427 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JYVUA3YO\loader_c[2].gif
[2014/06/01 18:11:02 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MXQOUBPX\AdLoader[2].htm
[2014/04/25 20:20:59 | 000,000,723 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MXQOUBPX\downloaderror[1].js
[2014/04/25 20:20:59 | 000,001,174 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MXQOUBPX\downloader[1].js
[2014/09/08 23:22:46 | 000,018,715 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NVVK6O59\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014/12/14 17:11:03 | 000,001,980 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QVN4YWN4\AdLoader[1].htm
[2013/08/22 12:05:31 | 000,002,826 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TX6ZX4BE\ImageLoader[1].gif
[2014/03/06 13:22:26 | 000,004,749 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TX6ZX4BE\ImageLoader[2].gif
[2014/12/14 17:11:04 | 000,019,121 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XSYA1OIJ\AdLoader-288a31a04e1398b1a794975bf93ce9a4.min[1].js
[2014/10/19 11:47:35 | 000,055,099 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OB3NXR2\loader[1].js
[2014/11/14 00:51:24 | 000,007,757 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OB3NXR2\sf_conduit_loader[1].htm
[2014/11/10 14:57:14 | 000,120,251 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5OB3NXR2\sf_preloader[1].js
[2014/10/19 11:55:42 | 000,004,176 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9Z8XDKGR\ajaxLoader[1].gif
[2014/10/19 11:47:44 | 000,120,500 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9Z8XDKGR\sf_preloader[1].js
[2014/10/25 12:30:58 | 000,120,010 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9Z8XDKGR\sf_preloader[2].js
[2014/11/01 15:02:03 | 000,121,102 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9Z8XDKGR\sf_preloader[3].js
[2014/11/13 17:05:22 | 000,120,755 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9Z8XDKGR\sf_preloader[4].js
[2014/11/11 23:11:35 | 000,005,963 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FAA0HC2F\canvasloader[1].js
[2014/11/12 13:56:45 | 000,120,755 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FAA0HC2F\sf_preloader[1].js
[2014/11/12 18:00:12 | 000,120,755 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FAA0HC2F\sf_preloader[2].js
[2014/11/11 19:20:08 | 000,120,755 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PZ3VMWZO\sf_preloader[1].js
[2014/11/13 00:03:16 | 000,120,755 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PZ3VMWZO\sf_preloader[2].js
[2014/11/13 08:59:38 | 000,120,755 | ---- | M] () -- \Users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PZ3VMWZO\sf_preloader[3].js
[2014/01/06 10:52:30 | 003,244,032 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2014/01/06 10:47:04 | 000,000,702 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2014/01/06 10:47:04 | 000,000,790 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2014/01/06 10:47:04 | 000,000,723 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2014/01/06 10:47:04 | 000,000,694 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2014/01/06 10:47:06 | 000,171,541 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2014/01/06 10:47:06 | 000,000,634 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2014/01/06 10:47:06 | 000,002,283 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2014/01/06 10:47:06 | 000,001,417 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2014/01/06 10:47:06 | 000,002,109 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2014/01/06 10:47:06 | 000,000,956 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2014/01/06 10:47:06 | 000,001,080 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2014/01/06 10:47:06 | 000,001,139 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2014/01/06 10:47:06 | 000,002,181 | ---- | M] () -- \Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014/07/24 14:53:16 | 000,072,638 | ---- | M] () -- \Users\Deniska\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/24 14:53:16 | 000,003,032 | ---- | M] () -- \Users\Deniska\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/24 14:53:16 | 000,006,012 | ---- | M] () -- \Users\Deniska\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/24 14:53:16 | 000,021,956 | ---- | M] () -- \Users\Deniska\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/24 14:53:16 | 000,009,772 | ---- | M] () -- \Users\Deniska\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/06/18 22:10:12 | 000,000,162 | ---- | M] () -- \Users\Deniska\AppData\Local\Temp\GP_Uploader_140617-210654.dat
[2014/06/18 22:10:07 | 000,164,296 | ---- | M] () -- \Users\Deniska\AppData\Local\Temp\GP_Uploader_140617-210654.dmp
[5251 \Users\Deniska\AppData\Local\Temp\*.tmp files -> \Users\Deniska\AppData\Local\Temp\*.tmp -> ]
[2014/10/01 13:52:48 | 000,000,522 | ---- | M] () -- \Users\Deniska\AppData\Local\Torch\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.4_0\images\loader.gif
[2014/01/07 17:16:33 | 000,071,894 | R--- | M] () -- \Users\Deniska\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/12/21 15:26:58 | 000,071,894 | R--- | M] () -- \Users\Deniska\AppData\Roaming\Microsoft\Installer\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}\GPUploader.exe
[2012/08/27 20:10:14 | 000,000,847 | ---- | M] () -- \Users\Deniska\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\ajax-loader.gif
[2012/08/27 20:10:14 | 000,001,135 | ---- | M] () -- \Users\Deniska\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ac\img\loader-icon.png
[2012/08/27 20:10:14 | 000,003,208 | ---- | M] () -- \Users\Deniska\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\ui\gf\img\loader.gif
[2012/08/27 20:10:14 | 000,001,849 | ---- | M] () -- \Users\Deniska\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\chrome\CT3220468\content\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2012/05/08 08:18:02 | 000,005,469 | ---- | M] () -- \Users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com\resources\api-utils\lib\content\loader.js
[2012/05/08 08:18:02 | 000,004,163 | ---- | M] () -- \Users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com\resources\api-utils\lib\windows\loader.js
[2013/07/25 21:03:55 | 000,392,000 | ---- | M] () -- \Users\Deniska\Desktop\Programy\SoftonicDownloader_for_bs-player.exe
[1 \Users\Deniska\Desktop\Programy\*.tmp files -> \Users\Deniska\Desktop\Programy\*.tmp -> ]
[2015/01/17 19:03:28 | 000,016,192 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER32.EXE-312057E2.pf
[2015/01/17 19:03:28 | 000,015,928 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER64.EXE-882320A3.pf
[2015/01/17 22:32:31 | 000,059,256 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-4B76CB3C.pf
[2014/12/13 02:57:48 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_9200d0e22cbafea1.manifest
[2014/12/13 02:57:57 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_da-dk_2f3ab1092300faa0.manifest
[2014/12/13 02:58:07 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_de-de_2c66464524d74f3a.manifest
[2014/12/13 02:57:59 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_el-gr_d4fc73d813ecb7c8.manifest
[2014/12/13 02:58:05 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_es-es_d522792213dc4ca4.manifest
[2014/12/13 02:57:56 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_fi-fi_743d7dcf08f63ece.manifest
[2014/12/13 02:58:08 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_fr-fr_77d9ef2106ae6306.manifest
[2014/12/13 02:58:01 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_hu-hu_bf4a6f68eb0e3222.manifest
[2014/12/13 02:57:57 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_it-it_6201e567dde04884.manifest
[2014/12/13 02:58:01 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_ja-jp_04276474d0fb5a5f.manifest
[2014/12/13 02:58:03 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_ko-kr_a7914129c36c2175.manifest
[2014/12/13 02:57:48 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_nb-no_9023c25e9b914d31.manifest
[2014/12/13 02:57:53 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_nl-nl_8e630d9c9cbd5706.manifest
[2014/12/13 02:58:00 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_pl-pl_d49f681e81dfc4ba.manifest
[2014/12/13 02:58:00 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_pt-br_d6f352c28069589e.manifest
[2014/12/13 02:58:00 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_pt-pt_d7d5222e7fd8c87a.manifest
[2014/12/13 02:57:57 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_ru-ru_1e7833f264ba56a6.manifest
[2014/12/13 02:57:52 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_sv-se_ba731e675be36101.manifest
[2014/12/13 02:58:01 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_tr-tr_638068ae4a9f62f2.manifest
[2014/12/13 02:57:54 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_zh-cn_34dd86abfad73511.manifest
[2014/12/13 02:58:04 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_zh-hk_33887f39fbb2a7a1.manifest
[2014/12/13 02:57:56 | 000,004,141 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_zh-tw_38d9c401f8481181.manifest
[2014/12/13 02:57:48 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_9ff3a7ce67d7b3fd.manifest
[2014/12/13 02:57:52 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_da-dk_3d2d87f55e1daffc.manifest
[2014/12/13 02:58:08 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_de-de_3a591d315ff40496.manifest
[2014/12/13 02:57:44 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_el-gr_e2ef4ac44f096d24.manifest
[2014/12/13 02:57:50 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_e349f32a4ed2105b.manifest
[2014/12/13 02:58:08 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_es-es_e315500e4ef90200.manifest
[2014/12/13 02:57:48 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_fi-fi_823054bb4412f42a.manifest
[2014/12/13 02:57:51 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_fr-fr_85ccc60d41cb1862.manifest
[2014/12/13 02:58:06 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_hu-hu_cd3d4655262ae77e.manifest
[2014/12/13 02:57:56 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_it-it_6ff4bc5418fcfde0.manifest
[2014/12/13 02:58:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_ja-jp_121a3b610c180fbb.manifest
[2014/12/13 02:57:58 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_ko-kr_b5841815fe88d6d1.manifest
[2014/12/13 02:58:02 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_nb-no_9e16994ad6ae028d.manifest
[2014/12/13 02:57:58 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_nl-nl_9c55e488d7da0c62.manifest
[2014/12/13 02:57:58 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_pl-pl_e2923f0abcfc7a16.manifest
[2014/12/13 02:57:45 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_pt-br_e4e629aebb860dfa.manifest
[2014/12/13 02:57:48 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_pt-pt_e5c7f91abaf57dd6.manifest
[2014/12/13 02:58:08 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_ru-ru_2c6b0ade9fd70c02.manifest
[2014/12/13 02:57:51 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_sv-se_c865f5539700165d.manifest
[2014/12/13 02:57:57 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_tr-tr_71733f9a85bc184e.manifest
[2014/12/13 02:58:07 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_zh-cn_42d05d9835f3ea6d.manifest
[2014/12/13 02:57:46 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_zh-hk_417b562636cf5cfd.manifest
[2014/12/13 02:58:05 | 000,004,144 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_zh-tw_46cc9aee3364c6dd.manifest
[2014/12/12 07:29:04 | 000,005,793 | ---- | M] () -- \Windows\SoftwareDistribution\Download\cf8f3061a17b5253cadc6e7501a6db84\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_9eacf11a9a48c200.manifest
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 16:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2012/09/19 11:13:00 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/09/19 11:13:00 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012/09/19 11:13:00 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012/09/19 11:13:00 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012/09/19 11:13:01 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2014/12/13 02:58:08 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_d5571c3e13b55aff.manifest
[2009/07/14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014/12/12 07:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2007/03/15 01:05:52 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\BadSerialNumberAlert.exv
[2007/03/15 01:05:52 | 000,001,545 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007/03/15 01:05:52 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 01:05:52 | 000,000,833 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ReserializeAlert.exv
[2007/03/15 01:05:52 | 000,028,474 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\SerializationWF.exv
[2007/03/15 01:05:52 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007/03/15 01:05:52 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007/03/15 01:05:52 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 01:05:52 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\ReserializeAlert.exv
[2007/03/15 01:05:52 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\ar_AE\SerializationWF.exv
[2007/03/15 01:05:54 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\BadSerialNumberAlert.exv
[2007/03/15 01:05:54 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007/03/15 01:05:54 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 01:05:54 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\ReserializeAlert.exv
[2007/03/15 01:05:54 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS3\LMResources\he_IL\SerializationWF.exv
[2007/03/15 18:19:10 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\BadSerialNumberAlert.exv
[2007/03/15 18:19:10 | 000,001,545 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007/03/15 18:19:10 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 18:19:10 | 000,000,833 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ReserializeAlert.exv
[2007/03/15 18:19:10 | 000,028,474 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\SerializationWF.exv
[2007/03/15 18:19:10 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007/03/15 18:19:10 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007/03/15 18:19:10 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 18:19:10 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\ReserializeAlert.exv
[2007/03/15 18:19:12 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\ar_AE\SerializationWF.exv
[2007/03/15 18:19:14 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\BadSerialNumberAlert.exv
[2007/03/15 18:19:14 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007/03/15 18:19:14 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007/03/15 18:19:16 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\ReserializeAlert.exv

Kód: Vybrat vše

[2007/03/15 18:19:16 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS3\LMResources\he_IL\SerializationWF.exv
[2007/03/22 04:53:12 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\BadSerialNumberAlert.exv
[2007/03/22 04:53:12 | 000,001,545 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007/03/22 04:53:12 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007/03/22 04:53:12 | 000,000,833 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ReserializeAlert.exv
[2007/03/22 04:53:12 | 000,028,474 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\SerializationWF.exv
[2007/03/22 04:53:14 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\BadSerialNumberAlert.exv
[2007/03/22 04:53:14 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\CantChangeSerialNumberAlert.exv
[2007/03/22 04:53:14 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\InValidUpGradeSerialNumberAlert.exv
[2007/03/22 04:53:14 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\ReserializeAlert.exv
[2007/03/22 04:53:14 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\ar_ae\SerializationWF.exv
[2007/03/22 04:53:14 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\BadSerialNumberAlert.exv
[2007/03/22 04:53:14 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\CantChangeSerialNumberAlert.exv
[2007/03/22 04:53:14 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\InValidUpGradeSerialNumberAlert.exv
[2007/03/22 04:53:14 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\ReserializeAlert.exv
[2007/03/22 04:53:14 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS3\LMResources\he_il\SerializationWF.exv
[2014/07/10 23:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/07/10 23:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/11/11 23:03:58 | 000,003,072 | ---- | M] () -- \Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serial-online.cz_0.localstorage
[2014/11/11 23:03:58 | 000,003,608 | ---- | M] () -- \Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.serial-online.cz_0.localstorage-journal
[2014/10/27 21:19:07 | 001,622,016 | ---- | M] () -- \Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2014/10/27 21:19:07 | 000,004,640 | ---- | M] () -- \Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2014/10/14 15:47:23 | 000,000,124 | ---- | M] () -- \Users\Deniska\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2014/06/24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/10/16 14:50:18 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/10/16 17:22:57 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014/10/16 14:55:09 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/10/17 08:25:55 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2014/09/10 23:01:00 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/09/10 23:00:59 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/10/16 09:29:57 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014/10/16 09:29:57 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014/03/04 21:38:00 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014/03/04 21:37:59 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014/09/11 10:18:23 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/09/11 10:18:22 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/10/17 11:17:39 | 003,638,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll
[2014/10/17 11:17:39 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll.aux
[2014/03/04 21:33:10 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014/03/04 21:33:10 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013/09/11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.amd64
[2013/09/11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.x86
[2013/09/11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014/06/24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 00:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/07/14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009/07/14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2009/07/14 03:26:50 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009/07/14 03:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009/06/10 21:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010/11/05 02:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014/03/09 22:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014/07/10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014/03/17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014/07/08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2009/06/10 21:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010/11/05 02:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2014/03/09 22:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014/07/10 23:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014/03/17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014/07/08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2012/09/19 11:12:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012/09/19 11:12:05 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009/07/14 06:37:34 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009/07/14 06:37:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 14:10:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2011/02/05 14:05:47 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009/07/14 03:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010/11/20 05:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014/07/02 07:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014/07/14 03:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014/07/02 07:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014/07/14 03:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2009/07/14 03:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010/11/20 05:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014/07/02 07:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014/07/14 03:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014/07/02 07:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014/07/14 03:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014/07/02 06:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014/07/14 03:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014/07/02 07:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014/07/14 03:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2009/07/14 03:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2014/07/02 07:12:55 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_en-us_8f47fbdfbfd0e755.manifest
[2014/07/14 03:07:18 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_en-us_8f4912f1bfcfe70b.manifest
[2012/10/05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2014/07/02 07:12:12 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_en-us_787b5545d9776103.manifest
[2014/07/14 02:56:59 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_en-us_787c558fd9767a5a.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014/07/02 07:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014/07/14 03:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014/07/02 07:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014/07/14 03:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014/07/02 06:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014/07/14 03:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014/07/02 07:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014/07/14 03:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014/03/09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014/07/10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014/03/17 15:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014/07/08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014/03/09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014/07/10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014/03/17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014/07/08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2009/07/14 03:10:04 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014/03/09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014/07/10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014/03/17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014/07/08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll
 
[color=#A23BEC]< *w7lxe* /s >[/color]

< End of report >

OTL Extras logfile created on: 18. 1. 2015 00:02:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Deniska\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

3,78 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 35,61% Memory free
7,56 Gb Paging File | 4,03 Gb Available in Paging File | 53,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,64 Gb Total Space | 596,67 Gb Free Space | 85,40% Space Free | Partition Type: NTFS

Computer Name: NOTBUCIK | User Name: Deniska | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-899002400-3667767954-2353274250-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Deniska\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Deniska\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0258FB30-FBD7-4828-A553-40259CE7B1D2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{0E28E0E2-BA9E-4ECA-8E10-0DF80FD93C61}" = lport=445 | protocol=6 | dir=in | app=system |
"{0ECF9B70-344A-40F6-8357-6A114B9A81EE}" = lport=137 | protocol=17 | dir=in | app=system |
"{0FA4E65D-41BB-4176-93FE-1F9022A1DD36}" = rport=445 | protocol=6 | dir=out | app=system |
"{3DECAF3F-C4A0-42AA-BC21-D02D2EBA1B5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{41D7F8E6-DF0C-4875-9AEF-76B2241490EB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{456AF86F-730B-43B7-B08F-41417AD4E4AC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F3B4A6B-9E24-481A-89B4-9092F2D4DBFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{69A57A16-0EDE-4D80-8FCF-D453763C7668}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{6C6A52AD-4FE8-441E-A2F1-4723F04167B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7BE1D9ED-0ADE-4EDB-9103-0261B0A6D481}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C46E675-D1E7-4778-B349-C9963734C17E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7F7B0EF9-D726-4A0E-9C91-E61FB0713E93}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93C8DCCD-3F00-4C1E-B107-E30AEB6D8D60}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C96D91E-D1CE-49BB-B6A7-46CFA16BF339}" = rport=139 | protocol=6 | dir=out | app=system |
"{BE4C762C-340E-4C96-8E7E-97F4CA02C831}" = rport=138 | protocol=17 | dir=out | app=system |
"{C4674995-4D1E-43E9-BF45-F89ED58882EE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAD9A7E7-A7D4-4B5A-9324-652E179B67AF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CE62909B-177B-4841-8B24-604863156B21}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CF4D647C-010D-4559-ADD3-C28C163D32F1}" = lport=138 | protocol=17 | dir=in | app=system |
"{D025CB00-B41E-46C1-9568-EEA72178330D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E0188F92-7B46-47DA-8968-BB88D1A689EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E216E660-EEEA-46D6-B554-52B539FF75FB}" = lport=139 | protocol=6 | dir=in | app=system |
"{F67BC70A-6053-407E-8DAE-77ECA03DAEF2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F86EFAC4-2069-412A-A538-2D0FF3923680}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03114E71-27E7-4D5D-A8F6-CB841FF591C1}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{23BB5689-2180-4B83-A0C2-28583CA00901}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{24A526C2-4232-4259-A605-BFCDAEB00B8C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2BD16E96-BEFB-423D-AEC7-C5C6BC38501B}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{2FD53DC9-5B20-45FC-B727-850709FC0412}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{38EB61B4-D159-40A2-9267-2D6AA2F817EE}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{3D2208AF-8D61-460A-8DB0-9203BF887544}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{4AD3926A-84FF-4381-8F36-6B7C74F00ADD}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{4D5330BF-ABD2-4568-8299-51B1BB80CB0C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F84001A-CBE7-484E-A17E-9565E02042DA}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{4FF60841-22EA-4795-89B6-FD7BFFA3B4D8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{50C37ADA-9044-4C0C-B48B-D3FA51DE5030}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{587BDB99-E559-4CF3-B610-5346C9568150}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5A47F27B-C1CD-4103-843F-DBEF899FC82C}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{62AE7147-50FF-4DED-9737-132F240D7D5E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62F8488A-57AF-4934-8C89-3712089550E6}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{62FB2BDA-3BFC-42F1-BCB7-9A75F980D2AF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{636BB56F-5870-49B8-8B37-9099D8E590FF}" = protocol=6 | dir=out | app=system |
"{780F36A7-2D6E-463D-9F91-93BB5F0F4F66}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{7B62A6E4-1B6C-4111-9AD5-E440D5DB7E06}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{9A78E7D3-6325-491C-8123-BA89ACFD7AB2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9A7DD366-6BA1-4C55-848E-D1777617D62D}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{9C90CB49-FB30-4537-B6C0-76BF4490D61F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A082DFEF-80F0-4E71-B58E-55FB99F9AEB0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{A6116A1C-BD30-49EC-9375-D0EE07C280AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B24CBF64-FFEA-4F72-8491-5817C6E621AD}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B30A1FCC-B3B3-41B4-B84C-A1137D39A596}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B57DC9D2-9615-4D1C-BD09-73492D859F27}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B71ACFBA-B565-4707-9BB1-D86936417BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B8C44019-C7FD-4DAC-B61D-E58FCFC94B06}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2BC644A-55EA-4F23-9F62-EB429C96A7EF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CEC22345-9FB8-4405-9EC6-97AD98F9444C}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{CEF2F94F-2D52-4A4B-906E-D25E011FAC91}" = dir=in | app=c:\users\deniska\appdata\local\microsoft\skydrive\skydrive.exe |
"{D2E5D212-2DC2-4E9B-836A-7435B941E4DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E282C066-44BF-4F65-AD7E-8503C012F9C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E33EA3D1-60A0-45C1-813A-A0063987F863}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E5B909A8-D1C7-4769-BF8E-8BA4055CD50F}" = dir=in | app=c:\users\deniska\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{EBD10E17-4319-453C-BB00-1ADB4957A2FC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F61CE514-C1DA-4EB2-A4B5-D726FBFBC6DA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F92868B1-E5B9-4CA6-849F-55FFE75D9CF9}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{FA550442-7110-4223-9A0B-263FF31C9196}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FFCA96C7-1C31-4438-81A2-AB3E507042C3}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"TCP Query User{1D37A337-D574-43F9-A6A2-31D7DD1CC45A}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"TCP Query User{50CDB6CB-2FD7-41DA-8C7D-7DFBD25E12BE}C:\users\deniska\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\deniska\appdata\roaming\spotify\spotify.exe |
"TCP Query User{7DFE42BF-E27B-4C51-9761-01DCD65CC2C5}C:\users\deniska\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\deniska\appdata\roaming\spotify\spotify.exe |
"TCP Query User{BA2DD8E9-9F86-4397-BB3A-BD85AD9D043A}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |
"UDP Query User{09BF2AD0-FD68-4BE1-AF9A-B0C33C73EF3A}C:\users\deniska\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\deniska\appdata\roaming\spotify\spotify.exe |
"UDP Query User{45526E88-1147-4740-A23B-A7AA900A77B4}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{72977B8E-2F29-4339-B099-48131D40C70F}C:\program files (x86)\torntv.com\torntv downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\torntv.com\torntv downloader.exe |
"UDP Query User{D089DAF2-0BBE-4616-B795-D1733FD63C43}C:\users\deniska\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\deniska\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"Elantech" = ETDWare PS/2-X64 11.5.0.9_WHQL
"McAfee Security Scan" = McAfee Security Scan Plus

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BitGuard
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.10)
"{B0002707-4F7E-4745-88A7-852DA8A88635}" = ASUS Sonic Focus
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"AIMP3" = AIMP3
"AmUStor" = Alcor Micro USB Card Reader
"AsusScr_K3 Series_ENG" = AsusScr_K3 Series_ENG
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.7
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"PC Translator 2004 Komplet" = PC Translator 2004 Komplet
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"PROPLUS" = Microsoft Office Professional Plus 2007
"RocketDock_is1" = RocketDock 1.3.5
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"uTorrentControl_v2 Toolbar" = uTorrentControl_v2 Toolbar
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archivátor
"WNLT" = IB Updater Service

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-899002400-3667767954-2353274250-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Spotify" = Spotify
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10. 1. 2013 12:37:09 | Computer Name = notbucik | Source = Application Error | ID = 1000
Description = Faulting application name: InsOnSrv.exe, version: 2.1.10.1, time stamp:
0x4f2b99ad Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x990 Faulting application
start time: 0x01cdef2e3c5ae67c Faulting application path: C:\Program Files (x86)\ASUS\InstantOn
for NB\InsOnSrv.exe Faulting module path: unknown Report Id: f978b611-5b43-11e2-acc0-c86000410e6b

Error - 5. 3. 2013 09:02:07 | Computer Name = notbucik | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'Windows Search' could not be shut down.

Error - 19. 3. 2013 11:55:47 | Computer Name = notbucik | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 714 Start
Time: 01ce24804123399c Termination Time: 434 Application Path: C:\Windows\Explorer.EXE

Report
Id: 6a25e8ea-90ad-11e2-8ae0-c86000410e6b

Error - 31. 3. 2013 14:08:09 | Computer Name = notbucik | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d672ee4 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2
Faulting
process id: 0xcf0 Faulting application start time: 0x01ce2e38d7499561 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: f1099f4b-9a2d-11e2-a674-c86000410e6b

Error - 14. 4. 2013 07:56:31 | Computer Name = notbucik | Source = Picasa3 | ID = 1
Description = AplikÃ¡cia Picasa zlyhala. Vygeneroval sa vÃ½pis pri zlyhanÃ: C:\Users\Deniska\AppData\Local\Temp\Picasa_130414-131927.dmp

Error - 30. 4. 2013 17:52:41 | Computer Name = notbucik | Source = Application Error | ID = 1000
Description = Faulting application name: c2c_service.exe, version: 6.7.0.12055,
time stamp: 0x5148e615 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0x8b8 Faulting application start time: 0x01ce45ec8cf33cc1 Faulting application path:
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe Faulting module
path: unknown Report Id: 4761fca7-b1e0-11e2-885e-c86000410e6b

[ OSession Events ]
Error - 25. 11. 2013 19:39:13 | Computer Name = notbucik | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 388531
seconds with 13980 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 14. 1. 2015 22:32:05 | Computer Name = notbucik | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ASUS InstantOn service.

Error - 14. 1. 2015 22:35:37 | Computer Name = notbucik | Source = Service Control Manager | ID = 7022
Description = The NVIDIA Update Service Daemon service hung on starting.

Error - 15. 1. 2015 05:04:46 | Computer Name = notbucik | Source = DCOM | ID = 10005
Description =

Error - 15. 1. 2015 05:04:46 | Computer Name = notbucik | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Search service to connect.

Error - 15. 1. 2015 05:04:46 | Computer Name = notbucik | Source = Service Control Manager | ID = 7000
Description = The Windows Search service failed to start due to the following error:
%%1053

Error - 15. 1. 2015 05:08:51 | Computer Name = notbucik | Source = Service Control Manager | ID = 7022
Description = The NVIDIA Update Service Daemon service hung on starting.

Error - 15. 1. 2015 10:57:24 | Computer Name = notbucik | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Atheros Bt&Wlan Coex Agent service.

Error - 15. 1. 2015 16:39:30 | Computer Name = notbucik | Source = DCOM | ID = 10016
Description =

Error - 15. 1. 2015 16:39:30 | Computer Name = notbucik | Source = DCOM | ID = 10016
Description =

Error - 16. 1. 2015 20:18:02 | Computer Name = notbucik | Source = Service Control Manager | ID = 7031
Description = The IBUpdaterService service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

< End of report >

Odinstalujte

McAfee Security Scan
Skype Click to Call

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

dakujem

Kód: Vybrat vše

# AdwCleaner v4.108 - Report created 18/01/2015 at 20:58:56
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Deniska - NOTBUCIK
# Running from : C:\Users\Deniska\Desktop\adwcleaner_4.108.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BitGuard
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\Movies App
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Users\Deniska\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Deniska\AppData\Local\Conduit
Folder Deleted : C:\Users\Deniska\AppData\Local\onlysearch
Folder Deleted : C:\Users\Deniska\AppData\Local\torch
Folder Deleted : C:\Users\Deniska\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Deniska\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Deniska\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Deniska\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Deniska\AppData\Roaming\Delta
Folder Deleted : C:\Users\Deniska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\Deniska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Deniska\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Deleted : C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal
File Deleted : C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\bprotector web data
File Deleted : C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : BitGuard
Task Deleted : EPUpdater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hphibigbodkkohoglgfkddblldpfohjl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\d
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKCU\Software\e088d9b46fee13
Key Deleted : HKLM\SOFTWARE\e088d9b46fee13
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1E110449-9A0A-436E-AB99-8123E681EB6A}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : [x64] HKCU\Software\WNLT
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99

[C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&babsrc=NT_ss&s=web&rlz=0&as=0&ac=0
[C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.qip.ru/search/?query={searchTerms}&from=os

*************************

AdwCleaner[R0].txt - [23244 octets] - [18/01/2015 20:55:34]
AdwCleaner[S0].txt - [22074 octets] - [18/01/2015 20:58:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22135 octets] ##########

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

A nedavejte mi logy do code/quote.. hure se to cte

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-01-2015 01
Ran by Deniska (administrator) on NOTBUCIK on 18-01-2015 21:22:49
Running from C:\Users\Deniska\Desktop
Loaded Profiles: Deniska & UpdatusUser (Available profiles: Deniska & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862928 2012-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-03] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [961184 2011-08-02] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [798880 2011-08-02] (Atheros Commnucations)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-02] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\Run: [Facebook Update] => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-04] (Facebook Inc.)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\Run: [Google+ Auto Backup] => C:\Users\Deniska\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\Run: [Spotify Web Helper] => C:\Users\Deniska\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-14] (Spotify Ltd)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\RunOnce: [Adobe Speed Launcher] => 1421611420
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_223_Plugin.exe [855216 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\MountPoints2: {5aa7fac2-a559-11e1-b378-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-899002400-3667767954-2353274250-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-899002400-3667767954-2353274250-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-899002400-3667767954-2353274250-1001\...\MountPoints2: {5aa7fac2-a559-11e1-b378-806e6f6e6963} - D:\InstAll.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [241984 2011-10-17] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-899002400-3667767954-2353274250-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-899002400-3667767954-2353274250-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-899002400-3667767954-2353274250-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Deniska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012-07-16]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "", "https://www.google.sk/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Deniska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Profile: C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-23]
CHR Extension: (Google Search) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-23]
CHR Extension: (AdBlock) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-08]
CHR Extension: (YouTube) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbbohnodglnladfiabdknifodljiomo [2012-11-06]
CHR Extension: (Google Wallet) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-23]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\Deniska\AppData\Local\ilividbandoomoviestoolbar\GC\toolbar.crx [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-07-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-03] (ASUS)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-08-02] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [103584 2011-08-02] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-09] (AVAST Software)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-05-23] (Macrovision Europe Ltd.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-09] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [19600 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-09] ()
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 s816bus; C:\Windows\System32\DRIVERS\s816bus.sys [107048 2007-06-19] (MCCI Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 21:22 - 2015-01-18 21:23 - 00019650 _____ () C:\Users\Deniska\Desktop\FRST.txt
2015-01-18 21:21 - 2015-01-18 21:21 - 00112640 _____ (forum.viry.cz) C:\Users\Deniska\Downloads\Unconfirmed 770086.crdownload
2015-01-18 21:21 - 2015-01-18 21:21 - 00112640 _____ (forum.viry.cz) C:\Users\Deniska\Downloads\Unconfirmed 651741.crdownload
2015-01-18 21:20 - 2015-01-18 21:22 - 00000000 ____D () C:\FRST
2015-01-18 21:20 - 2015-01-18 21:20 - 00112640 _____ (forum.viry.cz) C:\Users\Deniska\Downloads\Unconfirmed 103088.crdownload
2015-01-18 21:18 - 2015-01-18 21:18 - 02126848 _____ (Farbar) C:\Users\Deniska\Desktop\FRST64.exe
2015-01-18 20:55 - 2015-01-18 20:59 - 00000000 ____D () C:\AdwCleaner
2015-01-18 20:50 - 2014-03-06 13:19 - 00000426 _____ () C:\AVScanner.ini
2015-01-18 20:46 - 2015-01-18 20:47 - 02186752 _____ () C:\Users\Deniska\Desktop\adwcleaner_4.108.exe
2015-01-18 01:17 - 2015-01-18 01:17 - 00069558 _____ () C:\Users\Deniska\Desktop\Extras.Txt notepad.txt
2015-01-18 01:16 - 2015-01-18 01:16 - 00409452 _____ () C:\Users\Deniska\Desktop\OTL.Txt notepad.txt
2015-01-18 01:14 - 2015-01-18 01:14 - 00069558 _____ () C:\Users\Deniska\Desktop\Extras.Txt
2015-01-18 01:12 - 2015-01-18 01:12 - 00409452 _____ () C:\Users\Deniska\Desktop\OTL.Txt
2015-01-17 22:42 - 2015-01-18 00:08 - 00000512 _____ () C:\PhysicalMBR.bin
2015-01-17 22:29 - 2015-01-17 22:29 - 00602112 _____ (OldTimer Tools) C:\Users\Deniska\Desktop\OTL.exe
2015-01-17 21:49 - 2015-01-17 21:50 - 00000000 ____D () C:\rsit
2015-01-17 21:49 - 2015-01-17 21:49 - 00000000 ____D () C:\Program Files\trend micro
2015-01-17 21:44 - 2015-01-17 21:44 - 01222144 _____ () C:\Users\Deniska\Desktop\RSITx64.exe
2015-01-17 01:48 - 2006-07-26 19:43 - 733810688 _____ () C:\Users\Deniska\Desktop\Restart.avi
2015-01-16 01:03 - 2013-09-30 02:48 - 183611392 _____ () C:\Users\Deniska\Desktop\Archer.2009.S01E02.DVDRip.XViD-OSiTV.avi
2015-01-16 01:03 - 2013-09-30 02:47 - 183498752 _____ () C:\Users\Deniska\Desktop\Archer.2009.S01E01.DVDRip.XViD-OSiTV.avi
2015-01-16 01:02 - 2015-01-16 01:02 - 00000000 ____D () C:\Users\Deniska\Desktop\Searching For Sugar Man 2012 BRRip XviD AC3 - HDSI
2015-01-16 01:01 - 2015-01-16 01:02 - 00000000 ____D () C:\Users\Deniska\Desktop\Frances ha (2012) CRITERION 720p 5.1 BRRiP x264 AAC [Team Nanban]
2015-01-14 21:18 - 2015-01-14 21:18 - 00137888 _____ (Spotify Ltd) C:\Users\Deniska\Downloads\SpotifySetup (1).exe
2015-01-14 20:28 - 2015-01-15 03:34 - 00000000 ____D () C:\Users\Deniska\AppData\Local\Spotify
2015-01-14 20:28 - 2015-01-14 20:28 - 00001815 _____ () C:\Users\Deniska\Desktop\Spotify.lnk
2015-01-14 20:28 - 2015-01-14 20:28 - 00001801 _____ () C:\Users\Deniska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-14 20:27 - 2015-01-17 22:30 - 00000000 ____D () C:\Users\Deniska\AppData\Roaming\Spotify
2015-01-14 20:27 - 2015-01-14 20:27 - 00137888 _____ (Spotify Ltd) C:\Users\Deniska\Downloads\SpotifySetup.exe
2015-01-14 14:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 14:19 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 14:19 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 14:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 14:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 14:18 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 14:18 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 14:18 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 14:18 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 14:18 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 14:18 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 14:18 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-09 03:21 - 2015-01-09 04:02 - 00000000 ____D () C:\Users\Deniska\Downloads\Trailer Park Boys The Countdown To Liquor Day (DL_King)
2015-01-08 17:58 - 2015-01-08 18:06 - 137476931 _____ () C:\Users\Deniska\Downloads\P's-A-Love.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 21:11 - 2009-07-14 05:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 21:11 - 2009-07-14 05:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 21:09 - 2012-05-24 05:39 - 02041767 _____ () C:\Windows\WindowsUpdate.log
2015-01-18 21:02 - 2012-05-23 16:49 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-18 21:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-18 21:02 - 2009-07-14 05:51 - 00149143 _____ () C:\Windows\setupact.log
2015-01-18 21:01 - 2012-05-24 01:25 - 00545584 _____ () C:\Windows\PFRO.log
2015-01-18 20:59 - 2012-05-23 16:49 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 20:52 - 2012-05-23 19:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-18 20:42 - 2013-04-04 09:13 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-18 02:08 - 2012-05-23 19:51 - 00000000 ____D () C:\Users\Deniska\AppData\Roaming\ICQ
2015-01-18 01:52 - 2012-05-23 19:48 - 00000000 ____D () C:\Users\Deniska\AppData\Roaming\Skype
2015-01-18 01:35 - 2013-03-04 08:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-18 00:56 - 2012-05-28 14:08 - 00000000 ____D () C:\Users\Deniska\AppData\Local\CrashDumps
2015-01-18 00:35 - 2013-12-04 00:28 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000UA.job
2015-01-18 00:33 - 2013-12-04 00:28 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000Core.job
2015-01-16 11:51 - 2013-04-14 21:20 - 00000000 ____D () C:\Users\Deniska\Desktop\New folder
2015-01-16 00:58 - 2009-07-14 06:13 - 00797890 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 10:04 - 2012-05-24 00:50 - 00002050 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-01-15 03:31 - 2014-08-25 17:05 - 00000000 ____D () C:\Users\Deniska\AppData\Local\SWDS
2015-01-15 03:27 - 2012-10-07 12:17 - 00000000 ____D () C:\Users\Deniska\AppData\Roaming\uTorrent
2015-01-15 03:23 - 2013-07-24 08:33 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 03:04 - 2012-05-23 21:06 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-06 17:58 - 2014-06-25 18:59 - 00000000 ____D () C:\Windows\SysWOW64\mjcm
2015-01-06 17:58 - 2014-06-25 18:59 - 00000000 ____D () C:\Windows\system32\tprb
2015-01-06 04:36 - 2012-05-26 15:57 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-06 00:44 - 2012-10-16 17:38 - 00000000 ____D () C:\Users\Deniska\Desktop\VS
2015-01-03 21:27 - 2012-05-23 17:14 - 00000000 ___RD () C:\Users\Deniska\Desktop\Programy
2014-12-25 23:17 - 2014-11-13 09:00 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Files in the root of some directories =======
2012-06-11 21:49 - 2014-06-10 21:45 - 0004608 _____ () C:\Users\Deniska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Users\Deniska\AppData\Local\Temp\ApnIC.dll
C:\Users\Deniska\AppData\Local\Temp\ApnStub.exe
C:\Users\Deniska\AppData\Local\Temp\ApnToolbarInstaller.exe
C:\Users\Deniska\AppData\Local\Temp\GomEncDnInstaller.exe
C:\Users\Deniska\AppData\Local\Temp\htmlayout.dll
C:\Users\Deniska\AppData\Local\Temp\ieframe.dll
C:\Users\Deniska\AppData\Local\Temp\Quarantine.exe
C:\Users\Deniska\AppData\Local\Temp\Runner.exe
C:\Users\Deniska\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\Deniska\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Deniska\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Deniska\AppData\Local\Temp\Softonic_EN_1-5-1.exe
C:\Users\Deniska\AppData\Local\Temp\sqlite3.dll
C:\Users\Deniska\AppData\Local\Temp\tbedrs.dll
C:\Users\Deniska\AppData\Local\Temp\utt3A26.tmp.exe
C:\Users\Deniska\AppData\Local\Temp\utt5409.tmp.exe
C:\Users\Deniska\AppData\Local\Temp\uttDD2C.tmp.exe
C:\Users\Deniska\AppData\Local\Temp\_isE4C3.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-16 01:20

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015 01
Ran by Deniska at 2015-01-18 21:24:35
Running from C:\Users\Deniska\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.00.985 - AIMP DevTeam)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.90 - Atheros Communications)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)
CCleaner (remove only) (HKLM-x32\...\CCleaner) (Version: - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 11.5.0.9_WHQL (HKLM\...\Elantech) (Version: 11.5.0.9 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.37.5085 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.10 - ASUS)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2462 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 4.1.7 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.1.7 - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version: - )
NVIDIA Graphics Driver 285.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.64 - NVIDIA Corporation)
PC Translator 2004 Komplet (HKLM-x32\...\PC Translator 2004 Komplet) (Version: - JANOSiK TEAM)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: - )
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6499 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 - C. Ghisler & Co.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
uTorrentControl_v2 Toolbar (HKLM-x32\...\uTorrentControl_v2 Toolbar) (Version: 6.9.0.16 - uTorrentControl_v2) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version: - )
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-899002400-3667767954-2353274250-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Deniska\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-899002400-3667767954-2353274250-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Deniska\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-899002400-3667767954-2353274250-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Deniska\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-899002400-3667767954-2353274250-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Deniska\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-899002400-3667767954-2353274250-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Deniska\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

06-01-2015 18:04:52 Windows Update
14-01-2015 14:19:19 Windows Update
15-01-2015 03:00:33 Windows Update
17-01-2015 22:41:55 OTL Restore Point - 17. 1. 2015 22:41:53
18-01-2015 00:07:20 OTL Restore Point - 18. 1. 2015 00:07:19
18-01-2015 20:50:31 Removed Skype Click to Call

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {38C0812C-9647-42A3-A92F-D096CF41CB36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {4A7298FB-D6BA-4716-8CD0-35D2B3AE96F5} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-03-09] (ASUSTek Computer Inc.)
Task: {5D01B1E6-ACE6-4E3E-86F0-2E5DF17D41F6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000Core => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-04] (Facebook Inc.)
Task: {710D7568-3E17-46CD-AF7B-6D4CB9CF1A70} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-07-09] (AVAST Software)
Task: {7E4BDD4C-7220-4309-9AA5-B57CA709D1CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {8A9BA9F5-2706-4E3B-9641-60CB208C0D4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.)
Task: {8FCB2366-E34E-4BAE-A613-27A6965E34C4} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {9B3779DE-DC76-4186-845C-0E31FB37BBD8} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.)
Task: {9EEFC675-FA3B-44EE-AA49-87D7ED869955} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {A41D8627-63F9-48EF-BCFB-04FC7022F476} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000UA => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-04] (Facebook Inc.)
Task: {BBB12B21-B125-45D7-912E-274A3333BD2C} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)
Task: {EF82E5DE-16FA-48A1-8D5B-D0AD75B3B2EF} - System32\Tasks\Games\UpdateCheck_S-1-5-21-899002400-3667767954-2353274250-1000
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000Core.job => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000UA.job => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-23 16:51 - 2008-06-20 08:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-07-14 15:11 - 2010-07-14 15:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-05-24 00:09 - 2011-07-26 08:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-05-23 17:22 - 2007-09-02 21:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-07-09 08:36 - 2014-07-09 08:36 - 00301152 _____ () C:\Program Files\Alwil Software\Avast5\aswProperty.dll
2015-01-18 20:45 - 2015-01-18 20:45 - 02911744 _____ () C:\Program Files\Alwil Software\Avast5\defs\15011801\algo.dll
2012-05-23 17:22 - 2007-09-02 21:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2012-01-31 08:25 - 2012-01-31 08:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-07-09 08:36 - 2014-07-09 08:36 - 19329904 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2012-01-12 16:17 - 2012-01-12 16:17 - 00204800 _____ () C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
2012-02-08 15:55 - 2012-02-08 15:55 - 00131712 _____ () C:\Program Files (x86)\ASUS\AI Recovery\DiskInfo.dll
2012-03-09 11:39 - 2012-03-09 11:39 - 00049792 _____ () C:\Program Files (x86)\ASUS\AI Recovery\RecoveryDVDLang.dll
2015-01-15 16:02 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-15 16:02 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-15 16:02 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-15 16:02 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2014-11-20 09:43 - 2014-11-20 09:43 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-899002400-3667767954-2353274250-500 - Administrator - Disabled)
Deniska (S-1-5-21-899002400-3667767954-2353274250-1000 - Administrator - Enabled) => C:\Users\Deniska
Guest (S-1-5-21-899002400-3667767954-2353274250-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-899002400-3667767954-2353274250-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-899002400-3667767954-2353274250-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Bluetooth Module
Description: Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2015 00:56:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x546fdf97
Faulting module name: nsib.dll, version: 5.1.5.4, time stamp: 0x54aabffc
Exception code: 0xc0000409
Fault offset: 0x00000000000399d8
Faulting process id: 0x60e0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (01/18/2015 00:35:07 AM) (Source: Google Update) (EventID: 20) (User: notbucik)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (01/17/2015 09:35:06 PM) (Source: Google Update) (EventID: 20) (User: notbucik)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (01/17/2015 06:48:34 PM) (Source: Google Update) (EventID: 20) (User: notbucik)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (01/15/2015 10:51:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpotifyWebHelper.exe, version: 0.9.15.27, time stamp: 0x54803b75
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00730079
Faulting process id: 0xb28
Faulting application start time: 0xSpotifyWebHelper.exe0
Faulting application path: SpotifyWebHelper.exe1
Faulting module path: SpotifyWebHelper.exe2
Report Id: SpotifyWebHelper.exe3

Error: (01/09/2015 09:20:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
Exception code: 0x80000003
Fault offset: 0x004fd39c
Faulting process id: 0x160c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (01/04/2015 11:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 6.20.0.104, time stamp: 0x53fd9215
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3744
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3

Error: (01/04/2015 10:06:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
Exception code: 0x80000003
Fault offset: 0x004fd39c
Faulting process id: 0x2bcc
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (01/03/2015 11:33:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 6.20.0.104, time stamp: 0x53fd9215
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1924
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3

Error: (01/03/2015 07:56:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 39.0.2171.95, time stamp: 0x548243f3
Faulting module name: chrome.dll, version: 39.0.2171.95, time stamp: 0x54823ff4
Exception code: 0x80000003
Fault offset: 0x004fd39c
Faulting process id: 0x7bd7c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

System errors:
=============
Error: (01/18/2015 09:01:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll

Error: (01/18/2015 09:01:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll

Error: (01/18/2015 09:00:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll

Error: (01/18/2015 08:59:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/18/2015 08:59:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/18/2015 08:59:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The IBUpdaterService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/18/2015 08:59:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AtherosSvc service terminated unexpectedly. It has done this 1 time(s).

Error: (01/18/2015 08:59:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (01/18/2015 08:59:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (01/18/2015 08:59:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

Microsoft Office Sessions:
=========================
Error: (11/26/2013 00:39:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 388531 seconds with 13980 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 47%
Total physical RAM: 3872.06 MB
Available physical RAM: 2037.21 MB
Total Pagefile: 7742.3 MB
Available Pagefile: 5342.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.64 GB) (Free:597.62 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC.

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\Run: [Facebook Update] => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-04] (Facebook Inc.)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\RunOnce: [Adobe Speed Launcher] => 1421611420
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_223_Plugin.exe [855216 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-899002400-3667767954-2353274250-1000\...\MountPoints2: {5aa7fac2-a559-11e1-b378-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-899002400-3667767954-2353274250-1001\...\MountPoints2: {5aa7fac2-a559-11e1-b378-806e6f6e6963} - D:\InstAll.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

FF Plugin HKU\S-1-5-21-899002400-3667767954-2353274250-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Deniska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File

CHR StartupUrls: Default -> "", "https://www.google.sk/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\internal-nacl-plugin No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Deniska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Deniska\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\Deniska\AppData\Local\ilividbandoomoviestoolbar\GC\toolbar.crx [2014-07-03]

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

2015-01-18 21:22 - 2015-01-18 21:23 - 00019650 _____ () C:\Users\Deniska\Desktop\FRST.txt
2015-01-18 21:21 - 2015-01-18 21:21 - 00112640 _____ (forum.viry.cz) C:\Users\Deniska\Downloads\Unconfirmed 770086.crdownload
2015-01-18 21:21 - 2015-01-18 21:21 - 00112640 _____ (forum.viry.cz) C:\Users\Deniska\Downloads\Unconfirmed 651741.crdownload
2015-01-18 21:20 - 2015-01-18 21:20 - 00112640 _____ (forum.viry.cz) C:\Users\Deniska\Downloads\Unconfirmed 103088.crdownload
2015-01-18 20:55 - 2015-01-18 20:59 - 00000000 ____D () C:\AdwCleaner
2015-01-18 20:46 - 2015-01-18 20:47 - 02186752 _____ () C:\Users\Deniska\Desktop\adwcleaner_4.108.exe
2015-01-18 01:17 - 2015-01-18 01:17 - 00069558 _____ () C:\Users\Deniska\Desktop\Extras.Txt notepad.txt
2015-01-18 01:16 - 2015-01-18 01:16 - 00409452 _____ () C:\Users\Deniska\Desktop\OTL.Txt notepad.txt
2015-01-18 01:14 - 2015-01-18 01:14 - 00069558 _____ () C:\Users\Deniska\Desktop\Extras.Txt
2015-01-18 01:12 - 2015-01-18 01:12 - 00409452 _____ () C:\Users\Deniska\Desktop\OTL.Txt
2015-01-17 22:29 - 2015-01-17 22:29 - 00602112 _____ (OldTimer Tools) C:\Users\Deniska\Desktop\OTL.exe
2015-01-17 21:49 - 2015-01-17 21:50 - 00000000 ____D () C:\rsit
2015-01-17 21:49 - 2015-01-17 21:49 - 00000000 ____D () C:\Program Files\trend micro
2015-01-17 21:44 - 2015-01-17 21:44 - 01222144 _____ () C:\Users\Deniska\Desktop\RSITx64.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000Core.job => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-899002400-3667767954-2353274250-1000UA.job => C:\Users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End

VIRY.CZ

proim o kontrolu logu

proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu

Re: proim o kontrolu logu