VIRY.CZ

Dobrý deň. Na otcovom notebooku stále vyskakuje okno inet32upd.exe - System Error. Vždy, keď sa vrátim po týždni na intráku domov musím opravovať jeho ntb, ale s týmto si už neviem rady. Prikladám RSIT log. Dakujem za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Julko at 2015-06-15 12:37:14
Microsoft Windows 7 Ultimate Service Pack 1
System drive F: has 3 GB (8%) free of 38 GB
Total RAM: 2940 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:37:59, on 15. 6. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
F:\Windows\system32\taskhost.exe
F:\Windows\system32\Dwm.exe
F:\Windows\Explorer.EXE
C:\Program Files\MRP\MRPRun.exe
F:\Program Files\Avira\AntiVir Desktop\avgnt.exe
F:\Program Files\Avira\Launcher\Avira.Systray.exe
F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
F:\Windows\system32\wuauclt.exe
F:\Users\Julko\AppData\Roaming\Microsoft\Networking\inet32upd.exe
F:\Windows\system32\conhost.exe
F:\Windows\system32\MsiExec.exe
F:\Windows\system32\MsiExec.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Users\Julko\Desktop\RSIT.exe
F:\Program Files\trend micro\Julko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MRPRun] C:\PROGRA~1\MRP\MRPRun.exe
O4 - HKLM\..\Run: [avgnt] "F:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "F:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Avira Systray] F:\Program Files\Avira\Launcher\Avira.Systray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "F:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "F:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: conhost32.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8870C058-C9D9-4277-BFFD-76D094CBEB34} (3D Superb Setup) - http://www.3dsuperb.com/app/SupOcxSetupEx.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - F:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - F:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - F:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - F:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - F:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - F:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - F:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - F:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - F:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - F:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 5402 bytes

======Scheduled tasks folder======

F:\Windows\tasks\Adobe Flash Player Updater.job - F:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
F:\Windows\tasks\Wise Turbo Checker.job - F:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - F:\Users\Julko\AppData\Roaming\Mozilla\Firefox\Profiles\mi7imrhu.default

prefs.js - "browser.startup.homepage" - "http://google.com/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=F:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=F:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=F:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=F:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=F:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin]
"Description"=VideoDownloadConverter_ScriptHelper Plugin
"Path"=F:\Program Files\VideoDownloadConverter\npVDCPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=F:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=F:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


F:\Users\Julko\AppData\Roaming\Mozilla\Firefox\Profiles\mi7imrhu.default\extensions\
abs@avira.com
bingsearch.full@microsoft.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - F:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - F:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MRPRun"=C:\PROGRA~1\MRP\MRPRun.exe [2002-11-19 550400]
"avgnt"=F:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2015-05-05 728312]
"Adobe ARM"=F:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"Avira Systray"=F:\Program Files\Avira\Launcher\Avira.Systray.exe [2015-05-21 130864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
F:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Users^Julko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^conhost32.7z]
F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.7z []

F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
conhost32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=F:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - F:\Windows\System32\Notepad.exe %1
.js - open - F:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-15 12:37:15 ----D---- F:\Program Files\trend micro
2015-06-15 12:37:14 ----D---- F:\rsit
2015-06-15 12:17:41 ----D---- F:\Windows\pss
2015-06-15 12:07:19 ----D---- F:\AdwCleaner
2015-06-12 18:45:04 ----A---- F:\Windows\system32\win32k.sys
2015-06-12 18:45:03 ----A---- F:\Windows\system32\wmp.dll
2015-06-12 18:45:02 ----A---- F:\Windows\system32\spwmp.dll
2015-06-12 18:45:01 ----A---- F:\Windows\system32\wmploc.DLL
2015-06-12 18:45:01 ----A---- F:\Windows\system32\dxmasf.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\vbscript.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\urlmon.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-12 18:44:56 ----A---- F:\Windows\system32\jsproxy.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\ieUnatt.exe
2015-06-12 18:44:56 ----A---- F:\Windows\system32\iernonce.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\ieetwproxystub.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\ieetwcollector.exe
2015-06-12 18:44:56 ----A---- F:\Windows\system32\iedkcs32.dll
2015-06-12 18:44:56 ----A---- F:\Windows\system32\ie4uinit.exe
2015-06-12 18:44:55 ----A---- F:\Windows\system32\msfeeds.dll
2015-06-12 18:44:55 ----A---- F:\Windows\system32\jscript9diag.dll
2015-06-12 18:44:55 ----A---- F:\Windows\system32\ieapfltr.dll
2015-06-12 18:44:55 ----A---- F:\Windows\system32\dxtmsft.dll
2015-06-12 18:44:54 ----A---- F:\Windows\system32\msrating.dll
2015-06-12 18:44:54 ----A---- F:\Windows\system32\iesetup.dll
2015-06-12 18:44:53 ----A---- F:\Windows\system32\wininet.dll
2015-06-12 18:44:53 ----A---- F:\Windows\system32\jscript.dll
2015-06-12 18:44:53 ----A---- F:\Windows\system32\ieetwcollectorres.dll
2015-06-12 18:44:52 ----A---- F:\Windows\system32\dxtrans.dll
2015-06-12 18:44:51 ----A---- F:\Windows\system32\ieui.dll
2015-06-12 18:44:50 ----A---- F:\Windows\system32\ieframe.dll
2015-06-12 18:44:49 ----A---- F:\Windows\system32\mshtmled.dll
2015-06-12 18:44:48 ----A---- F:\Windows\system32\mshtmlmedia.dll
2015-06-12 18:44:48 ----A---- F:\Windows\system32\MshtmlDac.dll
2015-06-12 18:44:47 ----A---- F:\Windows\system32\jscript9.dll
2015-06-12 18:44:46 ----A---- F:\Windows\system32\mshtml.dll
2015-06-12 18:44:45 ----A---- F:\Windows\system32\iertutil.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-12 18:44:38 ----AH---- F:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-12 18:44:38 ----A---- F:\Windows\system32\winsrv.dll
2015-06-12 18:44:38 ----A---- F:\Windows\system32\KernelBase.dll
2015-06-12 18:44:38 ----A---- F:\Windows\system32\kernel32.dll
2015-06-12 18:44:38 ----A---- F:\Windows\system32\conhost.exe
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-12 18:44:37 ----AH---- F:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-12 18:42:47 ----A---- F:\Windows\system32\comctl32.dll
2015-06-07 19:56:39 ----D---- F:\Users\Julko\AppData\Roaming\vlc
2015-06-02 16:02:48 ----D---- F:\Program Files\Mozilla Firefox
2015-05-20 08:03:43 ----A---- F:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-20 07:38:59 ----A---- F:\Windows\system32\services.exe
2015-05-20 07:38:58 ----A---- F:\Windows\system32\FntCache.dll
2015-05-20 07:38:57 ----A---- F:\Windows\system32\DWrite.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\wdigest.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\TSpkg.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\sspisrv.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\sspicli.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\schannel.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\secur32.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\ncrypt.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\msv1_0.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\msobjs.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\msaudite.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\lsass.exe
2015-05-20 07:38:51 ----A---- F:\Windows\system32\lsasrv.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\kerberos.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\drivers\ksecpkg.sys
2015-05-20 07:38:51 ----A---- F:\Windows\system32\drivers\ksecdd.sys
2015-05-20 07:38:51 ----A---- F:\Windows\system32\credssp.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\certcli.dll
2015-05-20 07:38:51 ----A---- F:\Windows\system32\auditpol.exe
2015-05-20 07:38:51 ----A---- F:\Windows\system32\adtschema.dll
2015-05-20 07:38:13 ----A---- F:\Windows\system32\jnwmon.dll
2015-05-20 07:38:13 ----A---- F:\Windows\system32\InkEd.dll
2015-05-20 07:34:53 ----A---- F:\Windows\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2015-06-15 12:37:19 ----D---- F:\Windows\Temp
2015-06-15 12:37:15 ----RD---- F:\Program Files
2015-06-15 12:28:58 ----D---- F:\Windows\system32\config
2015-06-15 12:28:11 ----SHD---- F:\Windows\Installer
2015-06-15 12:27:56 ----HD---- F:\ProgramData
2015-06-15 12:27:08 ----D---- F:\Windows\system32\DriverStore
2015-06-15 12:27:08 ----D---- F:\Windows\inf
2015-06-15 12:27:07 ----D---- F:\Windows\system32\drivers
2015-06-15 12:17:41 ----D---- F:\Windows
2015-06-15 12:15:54 ----D---- F:\Windows\Tasks
2015-06-15 12:13:39 ----D---- F:\Users\Julko\AppData\Roaming\Wise Care 365
2015-06-15 12:12:46 ----SHD---- F:\System Volume Information
2015-06-15 12:12:35 ----D---- F:\ProgramData\Avira
2015-06-15 11:49:51 ----D---- F:\Windows\system32\Tasks
2015-06-15 11:30:30 ----D---- F:\ProgramData\Package Cache
2015-06-15 11:30:18 ----D---- F:\Program Files\Avira
2015-06-15 11:12:35 ----RD---- F:\Program Files\Skype
2015-06-15 11:09:09 ----D---- F:\Windows\debug
2015-06-15 10:59:44 ----D---- F:\Windows\System32
2015-06-15 10:59:44 ----A---- F:\Windows\system32\PerfStringBackup.INI
2015-06-14 18:07:49 ----SD---- F:\Users\Julko\AppData\Roaming\Microsoft
2015-06-14 12:11:14 ----D---- F:\Windows\rescache
2015-06-13 19:04:47 ----D---- F:\Windows\winsxs
2015-06-12 19:49:44 ----D---- F:\Windows\system32\sk-SK
2015-06-12 19:49:44 ----D---- F:\Windows\system32\en-US
2015-06-12 19:49:44 ----D---- F:\Windows\PolicyDefinitions
2015-06-12 19:49:42 ----D---- F:\Program Files\Internet Explorer
2015-06-12 19:49:41 ----D---- F:\Program Files\Windows Media Player
2015-06-12 18:58:39 ----D---- F:\ProgramData\Microsoft Help
2015-06-12 18:55:00 ----A---- F:\Windows\win.ini
2015-06-12 18:54:09 ----D---- F:\Windows\system32\MRT
2015-06-12 18:47:05 ----A---- F:\Windows\system32\MRT.exe
2015-06-12 07:42:16 ----A---- F:\Windows\system32\FlashPlayerApp.exe
2015-06-08 22:07:47 ----D---- F:\Windows\Prefetch
2015-06-03 19:12:04 ----D---- F:\Program Files\Mozilla Maintenance Service
2015-05-27 11:16:35 ----D---- F:\Windows\system32\catroot2
2015-05-25 20:34:55 ----D---- F:\CENKROSplusData
2015-05-22 07:27:53 ----D---- F:\Program Files\Windows Journal
2015-05-21 10:49:43 ----D---- F:\Windows\Microsoft.NET
2015-05-21 10:49:14 ----RSD---- F:\Windows\assembly
2015-05-19 09:20:58 ----D---- F:\Program Files\Microsoft Office
2015-05-19 09:19:45 ----D---- F:\ProgramData\McAfee Security Scan

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; F:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; F:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; F:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; F:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 Angelnt;Angelnt; F:\Windows\System32\Drivers\angelnt.sys [2012-11-29 77560]
R1 avipbb;avipbb; F:\Windows\system32\DRIVERS\avipbb.sys [2015-05-05 136216]
R1 avkmgr;avkmgr; F:\Windows\system32\DRIVERS\avkmgr.sys [2015-05-05 37896]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; F:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\F:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320]
R1 ssmdrv;ssmdrv; F:\Windows\system32\DRIVERS\ssmdrv.sys [2014-07-23 28520]
R2 avgntflt;avgntflt; F:\Windows\system32\DRIVERS\avgntflt.sys [2015-05-05 107400]
R2 avnetflt;avnetflt; F:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-10 37896]
R3 igfx;igfx; F:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; F:\Windows\system32\DRIVERS\Rockey4.sys [2012-11-29 26976]
R3 RTL8167;Realtek 8167 NT Driver; F:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; F:\Windows\system32\DRIVERS\RTL8187B.sys [2009-07-14 347136]
R3 SrvHsfHDA;SrvHsfHDA; F:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; F:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; F:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R4 eamonm;eamonm; F:\Windows\system32\DRIVERS\eamonm.sys []
R4 ehdrv;ehdrv; F:\Windows\system32\DRIVERS\ehdrv.sys []
S2 Parvdm;Parvdm; F:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; F:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; F:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 angkeyu;Usb AngelKey; F:\Windows\System32\Drivers\angkeyu.sys [2012-11-29 19576]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; F:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 nmwcd;Nokia USB Phone Parent Driver; F:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; F:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; F:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 RDPDR;Terminal Server Device Redirector Driver; F:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; F:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-31 15872]
S3 RimUsb;BlackBerry Smartphone; F:\Windows\System32\Drivers\RimUsb.sys [2007-05-14 22656]
S3 s3cap;s3cap; F:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; F:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; F:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; F:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; F:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; F:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; F:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;USB Scanner Driver; F:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; F:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; F:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 VGPU;VGPU; F:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; F:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; F:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; F:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WiseHDInfo;WiseHDInfo; \??\F:\Windows\WiseHDInfo32.dll [2015-04-09 11816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; F:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AntiVirService;Avira Real-Time Protection; F:\Program Files\Avira\AntiVir Desktop\avguard.exe [2015-05-05 434424]
R2 AntiVirSchedulerService;Avira Scheduler; F:\Program Files\Avira\AntiVir Desktop\sched.exe [2015-05-05 434424]
R2 Avira.ServiceHost;Avira Service Host; F:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [2015-05-21 208632]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; F:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 AppMgmt;@appmgmts.dll,-3250; F:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 osppsvc;Office Software Protection Platform; F:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 AntiVirMailService;Avira Mail Protection; F:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [2015-05-05 827640]
S2 AntiVirWebService;Avira Web Protection; F:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [2015-05-05 1185584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; F:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; F:\Program Files\Skype\Updater\Updater.exe [2015-01-02 315488]
S2 WiseBootAssistant;Wise Boot Assistant; F:\Program Files\Wise\Wise Care 365\BootTime.exe [2014-10-28 580232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; F:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12 268464]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; F:\Windows\system32\IEEtwCollector.exe [2015-05-23 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; F:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-02 148080]
S3 ose;Office Source Engine; F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; F:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; F:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; F:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence (v hodnote nejake tisic) Ultimate zrovna neni bezna domaci verze

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Posielam OTL:

OTL logfile created on: 6/15/2015 1:01:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Julko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000409 | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2.87 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 63.40% Memory free
5.74 Gb Paging File | 4.44 Gb Available in Paging File | 77.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files
Drive C: | 173.03 Gb Total Space | 70.39 Gb Free Space | 40.68% Space Free | Partition Type: NTFS
Drive F: | 37.47 Gb Total Space | 3.24 Gb Free Space | 8.66% Space Free | Partition Type: NTFS
Drive Q: | 100.00 Mb Total Space | 58.02 Mb Free Space | 58.03% Space Free | Partition Type: NTFS

Computer Name: ON | User Name: Julko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2015/06/15 12:58:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Julko\Desktop\OTL.exe
PRC - [2015/06/14 18:07:50 | 000,494,606 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Networking\inet32upd.exe
PRC - [2015/06/02 16:02:55 | 000,376,944 | ---- | M] (Mozilla Corporation) -- F:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015/05/21 11:01:32 | 000,130,864 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Program Files\Avira\Launcher\Avira.Systray.exe
PRC - [2015/05/21 10:59:50 | 000,208,632 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
PRC - [2015/05/09 05:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\conhost.exe
PRC - [2015/05/05 14:37:39 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2015/05/05 14:37:28 | 000,428,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2015/05/05 14:37:25 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2015/05/05 14:37:24 | 000,728,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2015/03/09 13:07:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- F:\Windows\System32\taskhost.exe
PRC - [2015/03/04 20:58:38 | 007,475,200 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
PRC - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- F:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- F:\Windows\explorer.exe
PRC - [2002/11/19 11:33:00 | 000,550,400 | ---- | M] (MRP-Informatics, s.r.o.) -- C:\Program Files\MRP\MRPRun.exe


========== Modules (No Company Name) ==========

MOD - [2015/06/14 18:07:50 | 000,494,606 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Networking\inet32upd.exe
MOD - [2015/06/14 18:07:50 | 000,279,955 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Networking\libidn-11.dll
MOD - [2015/06/14 18:07:50 | 000,131,598 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Networking\zlib1.dll
MOD - [2015/06/14 18:07:50 | 000,112,142 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
MOD - [2015/05/20 08:48:00 | 000,221,696 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\a88662f8aecbbe6d2e5b7e4ceab084f3\System.ServiceProcess.ni.dll
MOD - [2015/05/20 08:47:53 | 018,109,952 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\fc71a9bee6413a51dc90c8dfcbb3ed0a\System.ServiceModel.ni.dll
MOD - [2015/05/20 08:47:28 | 001,079,296 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\084d0b556894ed3b7df63472e4b143fd\System.IdentityModel.ni.dll
MOD - [2015/05/20 08:45:47 | 001,021,440 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\a55342e32a1b31b37ead50cab0586bb1\System.Runtime.DurableInstancing.ni.dll
MOD - [2015/05/20 08:45:46 | 002,656,768 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b2ddde109d23d4cc6831567b7ca49ede\System.Runtime.Serialization.ni.dll
MOD - [2015/05/20 08:45:43 | 000,393,216 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c1acbb15e2a6d8d8fd25f264b7128f23\System.Xml.Linq.ni.dll
MOD - [2015/05/20 07:49:37 | 013,201,920 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ef68f6c2d61dfd9e6c0f8560960da572\System.Windows.Forms.ni.dll
MOD - [2015/05/20 07:45:18 | 006,813,184 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\d5ee88214d8f25a6217f2ae145c9405c\System.Data.ni.dll
MOD - [2015/05/20 07:45:11 | 000,690,176 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\dcc79b501a1f1ce5b5cd4e8538374c59\System.ComponentModel.Composition.ni.dll
MOD - [2015/05/20 07:45:10 | 018,003,456 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\6fa1a46d62675a70fd4989583f6fc363\PresentationFramework.ni.dll
MOD - [2015/05/20 07:44:36 | 011,451,904 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\ccdcc2287c0f9ca0de4e576a6510fef8\PresentationCore.ni.dll
MOD - [2015/05/20 07:44:29 | 002,553,344 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\12f7dc99ecc7c4ca2011d8464cd07fbd\System.Data.Linq.ni.dll
MOD - [2015/05/20 07:44:21 | 007,054,336 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\96754f4ce4621a10ba704c8606f265b7\System.Core.ni.dll
MOD - [2015/05/20 07:44:21 | 003,858,944 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\335d82e234ed35e53eb66ccfe2ccec41\WindowsBase.ni.dll
MOD - [2015/05/20 07:44:07 | 001,014,272 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\06adfde7d155affff59325b453622bab\System.Configuration.ni.dll
MOD - [2015/03/09 14:11:17 | 000,649,728 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\be1fe328b955c4f65bc6d8a428c5419c\System.Transactions.ni.dll
MOD - [2015/03/09 14:11:14 | 000,143,360 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\8b38923ee12f297e210c1950cdca3314\SMDiagnostics.ni.dll
MOD - [2015/03/09 14:11:10 | 001,801,728 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\e56cc5d38ab3eeee0770bbcbe678191f\System.Xaml.ni.dll
MOD - [2015/03/09 14:06:24 | 000,595,968 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3da864f240aa35f939797ed72d7372f7\PresentationFramework.Aero.ni.dll
MOD - [2015/03/09 14:06:22 | 001,667,584 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a23645d6eb2661cb8e3d6f0f7c2383f2\System.Drawing.ni.dll
MOD - [2015/03/09 14:06:14 | 005,632,512 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\424ffc68f9a7a6c2888e9c5651055b06\System.Xml.ni.dll
MOD - [2015/03/09 14:06:04 | 009,101,824 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System\f42760a5c112545d79de5aab70fe190a\System.ni.dll
MOD - [2015/03/09 13:28:21 | 000,145,408 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\eb0bc686a48cc386f61fda43a6abb145\System.Numerics.ni.dll
MOD - [2015/03/09 13:28:20 | 014,417,408 | ---- | M] () -- F:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6199fce3bc00112836497efced976ed9\mscorlib.ni.dll
MOD - [2015/03/04 20:58:38 | 007,475,200 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- F:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV - [2015/06/12 07:42:17 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/06/02 16:02:54 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/05/23 05:05:18 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/05/21 10:59:50 | 000,208,632 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Program Files\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost)
SRV - [2015/05/05 14:37:39 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2015/05/05 14:37:29 | 001,185,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- F:\Program Files\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2015/05/05 14:37:26 | 000,827,640 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- F:\Program Files\Avira\AntiVir Desktop\avmailc7.exe -- (AntiVirMailService)
SRV - [2015/05/05 14:37:25 | 000,434,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2015/01/02 20:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- F:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- F:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/28 17:49:26 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- F:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013/12/19 01:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/06/11 12:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- F:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | Disabled | Running] -- system32\DRIVERS\ehdrv.sys -- (ehdrv)
DRV - File not found [File_System | Disabled | Running] -- system32\DRIVERS\eamonm.sys -- (eamonm)
DRV - [2015/05/05 14:38:22 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- F:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2015/05/05 14:38:22 | 000,107,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- F:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2015/05/05 14:38:22 | 000,037,896 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- F:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2015/04/09 11:48:43 | 000,011,816 | ---- | M] (wisecleaner.com) [Kernel | On_Demand | Stopped] -- F:\Windows\WiseHDInfo32.dll -- (WiseHDInfo)
DRV - [2015/03/10 18:52:33 | 000,037,896 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- F:\Windows\System32\drivers\avnetflt.sys -- (avnetflt)
DRV - [2015/01/31 04:51:11 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2014/07/23 13:29:32 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- F:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/11/29 18:59:32 | 000,026,976 | ---- | M] (Feitian Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- F:\Windows\System32\drivers\Rockey4.sys -- (ROCKEYNT)
DRV - [2012/11/29 16:43:03 | 000,077,560 | ---- | M] (Identcode Ltd.) [Kernel | System | Running] -- F:\Windows\System32\drivers\angelnt.sys -- (Angelnt)
DRV - [2012/11/29 16:43:03 | 000,019,576 | ---- | M] (Identcode Ltd.) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\angkeyu.sys -- (angkeyu)
DRV - [2012/06/11 12:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/01/09 18:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 18:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 18:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- F:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/01/29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- F:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009/07/14 00:02:53 | 000,347,136 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- F:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007/11/09 06:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- F:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com
IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SKY2&ocid=SKY2DHP&osmkt=en-ww
IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C 32 79 A3 92 C9 CD 01 [binary data]
IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\..\SearchScopes\{8D1957B0-A57F-465B-A336-BE78FE701C04}: "URL" = http://www.bing.com/search?FORM=SKY2DF& ... -SearchBox
IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\..\SearchScopes\{DE974C0C-DC7D-4CA9-9D5F-7E2632EF88FF}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-475816431-923529248-4022730083-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "SK"
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.startup.homepage: "http://google.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: F:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: F:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin: F:\Program Files\VideoDownloadConverter\npVDCPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: F:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: F:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: install
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: F:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins

[2012/11/23 18:11:04 | 000,000,000 | ---D | M] (No name found) -- F:\Users\Julko\AppData\Roaming\mozilla\Extensions
[2015/06/15 11:11:38 | 000,000,000 | ---D | M] (No name found) -- F:\Users\Julko\AppData\Roaming\mozilla\Firefox\Profiles\mi7imrhu.default\extensions
[2015/05/28 15:27:01 | 000,000,000 | ---D | M] (Avira Browser Safety) -- F:\Users\Julko\AppData\Roaming\mozilla\Firefox\Profiles\mi7imrhu.default\extensions\abs@avira.com
[2015/03/06 17:43:07 | 000,000,000 | ---D | M] ("Bing Search Engine") -- F:\Users\Julko\AppData\Roaming\mozilla\Firefox\Profiles\mi7imrhu.default\extensions\bingsearch.full@microsoft.com
[2015/05/29 15:56:13 | 000,946,636 | ---- | M] () (No name found) -- F:\Users\Julko\AppData\Roaming\mozilla\firefox\profiles\mi7imrhu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/06/15 11:12:34 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\browser\extensions
[2015/06/02 16:02:55 | 000,000,000 | ---D | M] (Default) -- F:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - F:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-475816431-923529248-4022730083-1000\..\Toolbar\WebBrowser: (no name) - {5347542D-5350-006A-76A7-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] F:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] F:\Program Files\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [MRPRun] C:\Program Files\MRP\MRPRun.exe (MRP-Informatics, s.r.o.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] F:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] F:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-475816431-923529248-4022730083-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-475816431-923529248-4022730083-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - F:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8870C058-C9D9-4277-BFFD-76D094CBEB34} http://www.3dsuperb.com/app/SupOcxSetupEx.cab (3D Superb Setup)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C50F900-2A81-44DC-8DD8-099ECEF1AB58}: DhcpNameServer = 195.34.133.21 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3176ECA-052E-40C4-9D95-073BE898D8D7}: DhcpNameServer = 195.34.133.21 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (F:\Windows\System32\Userinit.exe) - F:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - F:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - F:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/10/15 16:09:54 | 000,000,000 | ---- | M] () - Q:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - F:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - F:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - F:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - F:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to F:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2015/06/15 12:58:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- F:\Users\Julko\Desktop\OTL.exe
[2015/06/15 12:37:15 | 000,000,000 | ---D | C] -- F:\Program Files\trend micro
[2015/06/15 12:37:14 | 000,000,000 | ---D | C] -- F:\rsit
[2015/06/15 12:17:41 | 000,000,000 | ---D | C] -- F:\Windows\pss
[2015/06/15 12:07:19 | 000,000,000 | ---D | C] -- F:\AdwCleaner
[2015/06/12 18:45:04 | 002,384,384 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\win32k.sys
[2015/06/12 18:45:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\spwmp.dll
[2015/06/12 18:45:01 | 012,625,408 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\wmploc.DLL
[2015/06/12 18:45:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msdxm.ocx
[2015/06/12 18:45:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\dxmasf.dll
[2015/06/12 18:44:56 | 000,685,568 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ie4uinit.exe
[2015/06/12 18:44:56 | 000,667,648 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\MsSpellCheckingFacility.exe
[2015/06/12 18:44:56 | 000,342,728 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iedkcs32.dll
[2015/06/12 18:44:56 | 000,115,712 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieUnatt.exe
[2015/06/12 18:44:56 | 000,102,912 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieetwcollector.exe
[2015/06/12 18:44:56 | 000,060,416 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/06/12 18:44:56 | 000,047,616 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieetwproxystub.dll
[2015/06/12 18:44:56 | 000,047,104 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\jsproxy.dll
[2015/06/12 18:44:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iernonce.dll
[2015/06/12 18:44:55 | 002,724,864 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\mshtml.tlb
[2015/06/12 18:44:55 | 000,710,144 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieapfltr.dll
[2015/06/12 18:44:55 | 000,689,152 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msfeeds.dll
[2015/06/12 18:44:55 | 000,620,032 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\jscript9diag.dll
[2015/06/12 18:44:55 | 000,418,304 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\dxtmsft.dll
[2015/06/12 18:44:54 | 002,052,608 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\inetcpl.cpl
[2015/06/12 18:44:54 | 000,168,960 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\msrating.dll
[2015/06/12 18:44:54 | 000,062,464 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\iesetup.dll
[2015/06/12 18:44:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieetwcollectorres.dll
[2015/06/12 18:44:52 | 000,285,696 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\dxtrans.dll
[2015/06/12 18:44:51 | 000,478,208 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\ieui.dll
[2015/06/12 18:44:49 | 000,341,504 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\html.iec
[2015/06/12 18:44:48 | 001,155,072 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\mshtmlmedia.dll
[2015/06/12 18:44:48 | 000,064,000 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\MshtmlDac.dll
[2015/06/12 18:44:47 | 004,305,920 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\jscript9.dll
[2015/06/12 18:44:38 | 000,271,360 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\conhost.exe
[2015/06/12 18:44:38 | 000,169,984 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\winsrv.dll
[2015/06/12 18:44:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2015/06/12 18:44:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/06/12 18:44:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2015/06/12 18:44:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2015/06/12 18:44:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2015/06/12 18:44:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2015/06/12 18:44:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2015/06/12 18:44:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2015/06/12 18:44:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2015/06/12 18:44:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2015/06/12 18:44:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- F:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

========== Files - Modified Within 7 Days ==========

[2015/06/15 13:04:40 | 000,000,512 | ---- | M] () -- F:\PhysicalMBR.bin
[2015/06/15 12:58:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Users\Julko\Desktop\OTL.exe
[2015/06/15 12:42:00 | 000,000,830 | ---- | M] () -- F:\Windows\tasks\Adobe Flash Player Updater.job
[2015/06/15 12:31:23 | 001,107,968 | ---- | M] () -- F:\Users\Julko\Desktop\RSIT.exe
[2015/06/15 12:22:34 | 000,020,480 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/06/15 12:22:34 | 000,020,480 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/06/15 12:12:52 | 000,067,584 | --S- | M] () -- F:\Windows\bootstat.dat
[2015/06/15 12:12:46 | 2312,105,984 | -HS- | M] () -- F:\hiberfil.sys
[2015/06/15 12:06:20 | 002,231,296 | ---- | M] () -- F:\Users\Julko\Desktop\adwcleaner_4.206.exe
[2015/06/15 11:10:13 | 000,002,000 | ---- | M] () -- F:\Users\Public\Desktop\Wise Care 365.lnk
[2015/06/15 11:00:08 | 000,000,378 | ---- | M] () -- F:\Windows\tasks\Wise Turbo Checker.job
[2015/06/15 10:59:44 | 000,618,912 | ---- | M] () -- F:\Windows\System32\perfh009.dat
[2015/06/15 10:59:44 | 000,107,232 | ---- | M] () -- F:\Windows\System32\perfc009.dat
[2015/06/13 19:03:49 | 000,340,408 | ---- | M] () -- F:\Windows\System32\FNTCACHE.DAT
[2015/06/12 07:42:16 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\System32\FlashPlayerApp.exe
[2015/06/12 07:42:16 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- F:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2015/06/15 13:04:40 | 000,000,512 | ---- | C] () -- F:\PhysicalMBR.bin
[2015/06/15 12:31:22 | 001,107,968 | ---- | C] () -- F:\Users\Julko\Desktop\RSIT.exe
[2015/06/15 12:06:19 | 002,231,296 | ---- | C] () -- F:\Users\Julko\Desktop\adwcleaner_4.206.exe
[2015/06/14 18:07:49 | 007,475,200 | ---- | C] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
[2015/04/15 17:09:36 | 000,340,408 | ---- | C] () -- F:\Windows\System32\FNTCACHE.DAT
[2015/03/06 18:03:52 | 000,080,896 | ---- | C] () -- F:\Windows\System32\RDVGHelper.exe
[2015/03/06 18:02:24 | 000,066,048 | ---- | C] () -- F:\Windows\System32\PrintBrmUi.exe
[2013/09/18 19:51:49 | 000,004,096 | -H-- | C] () -- F:\Users\Julko\AppData\Local\keyfile3.drm
[2012/11/29 18:28:29 | 000,000,017 | ---- | C] () -- F:\Users\Julko\AppData\Local\resmon.resmoncfg

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- F:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/12/04 17:16:35 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\eTeks
[2015/01/26 11:35:42 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\MRP
[2015/04/08 11:30:04 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Nokia
[2015/04/08 10:56:44 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\PC Suite
[2012/11/29 17:48:31 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\TeamViewer
[2015/03/04 14:05:47 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\TuneUp Software
[2015/06/15 12:13:39 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Wise Care 365

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:53:46 | 000,032,610 | ---- | C] () -- F:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- F:\Windows\Tasks\SA.DAT
[2012/11/23 18:15:38 | 000,000,830 | ---- | C] () -- F:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/04/09 11:58:58 | 000,000,378 | ---- | C] () -- F:\Windows\Tasks\Wise Turbo Checker.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- F:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- F:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- F:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- F:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- F:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- F:\Windows\System32\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- F:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- F:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- F:\Windows\System32\drivers\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- F:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- F:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- F:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- F:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- F:\Windows\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- F:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- F:\Windows\SoftwareDistribution\Download\c1f17c80c3b916714e96cf873d95fd6d\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- F:\Windows\SoftwareDistribution\Download\c1f17c80c3b916714e96cf873d95fd6d\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- F:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- F:\Windows\System32\hal.dll
[2010/11/20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- F:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- F:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- F:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- F:\Windows\System32\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- F:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2015/04/13 05:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- F:\Windows\System32\services.exe
[2015/04/13 05:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- F:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009/07/14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- F:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015/04/11 05:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- F:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- F:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- F:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- F:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/04/25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- F:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2014/04/05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- F:\Windows\System32\drivers\tcpip.sys
[2014/04/05 04:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2012/03/30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- F:\Windows\SoftwareDistribution\Download\19bfa40e050005687b12d8d514da84f9\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2010/04/09 09:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010/04/09 09:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2015/03/09 13:08:09 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011/04/25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- F:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- F:\Windows\SoftwareDistribution\Download\19bfa40e050005687b12d8d514da84f9\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- F:\Windows\SoftwareDistribution\Download\819f2389c84fd99ac463e7d342b07134\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- F:\Windows\SoftwareDistribution\Download\19bfa40e050005687b12d8d514da84f9\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2015/03/09 13:08:09 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012/03/30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- F:\Windows\SoftwareDistribution\Download\19bfa40e050005687b12d8d514da84f9\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2014/04/05 04:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- F:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- F:\Windows\System32\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- F:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- F:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- F:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- F:\Windows\SoftwareDistribution\Download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2014/07/16 04:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- F:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014/07/17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- F:\Windows\System32\winlogon.exe
[2014/07/17 03:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- F:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- F:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- F:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014/03/04 11:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- F:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014/03/04 12:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- F:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[7 F:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> F:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[152 F:\Windows\Installer\*.tmp files -> F:\Windows\Installer\*.tmp -> ]
[1 F:\Windows\SoftwareDistribution\Download\1b2ba932a490b5fb2683301a90beec36\*.tmp files -> F:\Windows\SoftwareDistribution\Download\1b2ba932a490b5fb2683301a90beec36\*.tmp -> ]
[2 F:\Windows\Temp\*.tmp files -> F:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/11/28 16:09:16 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Adobe
[2015/04/07 14:47:25 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Avira
[2014/12/04 17:16:35 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\eTeks
[2012/11/23 17:41:24 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Identities
[2012/11/23 19:47:40 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Macromedia
[2009/07/14 09:48:45 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Media Center Programs
[2015/06/14 18:07:49 | 000,000,000 | --SD | M] -- F:\Users\Julko\AppData\Roaming\Microsoft
[2012/11/23 18:11:04 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Mozilla
[2015/01/26 11:35:42 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\MRP
[2015/04/08 11:30:04 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Nokia
[2015/04/08 10:56:44 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\PC Suite
[2015/04/27 16:11:21 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Skype
[2012/11/29 17:48:31 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\TeamViewer
[2015/03/04 14:05:47 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\TuneUp Software
[2015/06/07 19:56:59 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\vlc
[2015/06/15 12:13:39 | 000,000,000 | ---D | M] -- F:\Users\Julko\AppData\Roaming\Wise Care 365

< %APPDATA%\*.exe /s >
[2015/06/14 18:07:50 | 000,494,606 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Networking\inet32upd.exe
[2015/06/14 18:07:50 | 002,418,688 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Networking\winnet32b.exe
[2015/03/04 20:58:38 | 007,475,200 | ---- | M] () -- F:\Users\Julko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015/06/15 12:42:00 | 000,000,830 | ---- | M] () -- F:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/06/15 11:00:08 | 000,000,378 | ---- | M] () -- F:\Windows\Tasks\Wise Turbo Checker.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015/06/15 12:22:34 | 000,020,480 | -H-- | M] () -- F:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/06/15 12:22:34 | 000,020,480 | -H-- | M] () -- F:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/06/13 19:03:49 | 000,340,408 | ---- | M] () -- F:\Windows\system32\FNTCACHE.DAT
[2015/06/12 18:47:05 | 136,900,096 | ---- | M] (Microsoft Corporation) -- F:\Windows\system32\MRT.exe
[2015/06/15 10:59:44 | 000,107,232 | ---- | M] () -- F:\Windows\system32\perfc009.dat
[2015/06/15 10:59:44 | 000,618,912 | ---- | M] () -- F:\Windows\system32\perfh009.dat
[2015/06/15 10:59:44 | 000,730,320 | ---- | M] () -- F:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2015/06/02 16:02:55 | 000,376,944 | ---- | M] (Mozilla Corporation) MD5=923FE895B22B22A9CA03C72F3D15CE20 -- F:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015/06/02 21:35:47 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=F2831268EC600225F611DC02166EACF0 -- F:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/06/15 13:04:40 | 000,000,512 | ---- | M] () MD5=9E07C5A1F404DFD978AE43D62B997DD1 -- F:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/11/12 16:13:29 | 000,002,615 | ---- | M] () -- \RECYCLER\S-1-5-21-507921405-2000478354-682003330-1004\Df10\WGA Crack By bobiras2009\Genuine Windows XP 2012 License With WGA Crack By bobiras2009.bat

< *keygen* /s >

< *loader* /s >
[2014/11/29 08:34:35 | 000,002,191 | ---- | M] () -- \AdwCleaner\Quarantine\F\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader\YTD Video Downloader.lnk.vir
[2014/11/29 08:34:35 | 000,001,247 | ---- | M] () -- \AdwCleaner\Quarantine\F\Users\Public\Desktop\YTD Video Downloader.lnk.vir
[2014/09/03 01:27:24 | 000,268,432 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014/09/03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/06/26 13:36:30 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_slk.NLR
[2014/12/15 17:26:30 | 000,072,638 | ---- | M] () -- \Users\Julko\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/12/15 17:26:30 | 000,003,032 | ---- | M] () -- \Users\Julko\AppData\Local\Skype\Apps\login\images\loader.png
[2014/12/15 17:26:30 | 000,006,012 | ---- | M] () -- \Users\Julko\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/12/15 17:26:30 | 000,021,956 | ---- | M] () -- \Users\Julko\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/12/15 17:26:30 | 000,009,772 | ---- | M] () -- \Users\Julko\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2015/01/16 08:24:33 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_35c794147472469a.manifest
[2015/01/16 08:24:56 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_da-dk_d301743b6ab84299.manifest
[2015/01/16 08:24:55 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_de-de_d02d09776c8e9733.manifest
[2015/01/16 08:24:26 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_el-gr_78c3370a5ba3ffc1.manifest
[2015/01/16 08:23:55 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_791ddf705b6ca2f8.manifest
[2015/01/16 08:24:46 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_es-es_78e93c545b93949d.manifest
[2015/01/16 08:24:39 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_fi-fi_1804410150ad86c7.manifest
[2015/01/16 08:23:57 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_fr-fr_1ba0b2534e65aaff.manifest
[2015/01/16 08:24:18 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_hu-hu_6311329b32c57a1b.manifest
[2015/01/16 08:24:05 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_it-it_05c8a89a2597907d.manifest
[2015/01/16 08:24:01 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_ja-jp_a7ee27a718b2a258.manifest
[2015/01/16 08:24:02 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_ko-kr_4b58045c0b23696e.manifest
[2015/01/16 08:24:19 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_nb-no_33ea8590e348952a.manifest
[2015/01/16 08:24:56 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_nl-nl_3229d0cee4749eff.manifest
[2015/01/16 08:24:20 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_pl-pl_78662b50c9970cb3.manifest
[2015/01/16 08:24:20 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_pt-br_7aba15f4c820a097.manifest
[2015/01/16 08:24:38 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_pt-pt_7b9be560c7901073.manifest
[2015/01/16 08:24:49 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_ru-ru_c23ef724ac719e9f.manifest
[2015/01/16 08:24:27 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_sv-se_5e39e199a39aa8fa.manifest
[2015/01/16 08:23:58 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_tr-tr_07472be09256aaeb.manifest
[2015/01/16 08:24:17 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_zh-cn_d8a449de428e7d0a.manifest
[2015/01/16 08:24:44 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_zh-hk_d74f426c4369ef9a.manifest
[2015/01/16 08:24:10 | 000,002,777 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_zh-tw_dca087343fff597a.manifest
[2015/01/14 08:45:13 | 000,004,224 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015/01/16 08:24:27 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_43ba6b00af8efbf6.manifest
[2015/01/16 08:24:44 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_da-dk_e0f44b27a5d4f7f5.manifest
[2015/01/16 08:24:30 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_de-de_de1fe063a7ab4c8f.manifest
[2015/01/16 08:24:16 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_el-gr_86b60df696c0b51d.manifest
[2015/01/16 08:24:11 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_8710b65c96895854.manifest
[2015/01/16 08:24:01 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_es-es_86dc134096b049f9.manifest
[2015/01/16 08:24:30 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_fi-fi_25f717ed8bca3c23.manifest
[2015/01/16 08:23:57 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_fr-fr_2993893f8982605b.manifest
[2015/01/16 08:24:42 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_hu-hu_710409876de22f77.manifest
[2015/01/16 08:24:01 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_it-it_13bb7f8660b445d9.manifest
[2015/01/16 08:24:41 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_ja-jp_b5e0fe9353cf57b4.manifest
[2015/01/16 08:24:57 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_ko-kr_594adb4846401eca.manifest
[2015/01/16 08:24:43 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_nb-no_41dd5c7d1e654a86.manifest
[2015/01/16 08:24:30 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_nl-nl_401ca7bb1f91545b.manifest
[2015/01/16 08:24:43 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_pl-pl_8659023d04b3c20f.manifest
[2015/01/16 08:24:36 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_pt-br_88acece1033d55f3.manifest
[2015/01/16 08:24:54 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_pt-pt_898ebc4d02acc5cf.manifest
[2015/01/16 08:24:50 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_ru-ru_d031ce10e78e53fb.manifest
[2015/01/16 08:24:48 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_sv-se_6c2cb885deb75e56.manifest
[2015/01/16 08:24:41 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_tr-tr_153a02cccd736047.manifest
[2015/01/16 08:24:05 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_zh-cn_e69720ca7dab3266.manifest
[2015/01/16 08:24:37 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_zh-hk_e54219587e86a4f6.manifest
[2015/01/16 08:24:33 | 000,002,780 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_zh-tw_ea935e207b1c0ed6.manifest
[2015/01/16 08:24:39 | 000,004,200 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2079b988478ffe9fc8059ab7e3ea5fd5\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_4273b44ce20009f9.manifest
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a6a5bc28bae3edb288d586ebce7d1f5\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a6a5bc28bae3edb288d586ebce7d1f5\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a6a5bc28bae3edb288d586ebce7d1f5\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4a6a5bc28bae3edb288d586ebce7d1f5\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2015/03/31 11:39:16 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_787ca05342610b3b.manifest
[2015/03/31 11:39:16 | 000,033,216 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_787ca05342610b3b_winload.exe.mui_3bc5b827
[2015/03/31 11:39:16 | 000,029,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_787ca05342610b3b_winresume.exe.mui_ff8b5358
[2015/03/31 11:39:18 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015/03/31 11:39:18 | 000,521,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510_winload.exe_75835076
[2015/03/31 11:39:18 | 000,455,752 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510_winresume.exe_85cd1215
[2009/07/14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 04:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2015/02/03 05:16:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_787ca05342610b3b.manifest
[2015/01/13 00:09:31 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_en-us_791bdedc5b6e704a.manifest
[2015/01/16 08:23:55 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_791ddf705b6ca2f8.manifest
[2015/01/27 05:33:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_en-us_79083f985b7cdada.manifest
[2015/02/03 05:36:49 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_790d410a5b78598d.manifest
[2015/03/17 06:50:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_793257205b5d8501.manifest
[2009/07/14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 06:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2015/02/03 05:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015/01/12 05:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015/01/14 08:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015/01/27 05:51:15 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_5d963fc4e41fe4af.manifest
[2015/02/03 05:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015/03/17 07:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:05:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:06:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:05:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:06:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:05:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:06:42 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:05:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/03/09 13:06:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Posielam Extras:

OTL Extras logfile created on: 6/15/2015 1:01:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Users\Julko\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000409 | Country: Slovakia | Language: SKY | Date Format: d. M. yyyy

2.87 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 63.40% Memory free
5.74 Gb Paging File | 4.44 Gb Available in Paging File | 77.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files
Drive C: | 173.03 Gb Total Space | 70.39 Gb Free Space | 40.68% Space Free | Partition Type: NTFS
Drive F: | 37.47 Gb Total Space | 3.24 Gb Free Space | 8.66% Space Free | Partition Type: NTFS
Drive Q: | 100.00 Mb Total Space | 58.02 Mb Free Space | 58.03% Space Free | Partition Type: NTFS

Computer Name: ON | User Name: Julko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- F:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- F:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-475816431-923529248-4022730083-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "F:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "F:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1E329FE0-F62D-4DA8-BEDA-210E84AD0E2B}" = rport=445 | protocol=6 | dir=out | app=system |
"{2753238D-D26C-47C4-B74C-7327FEB42549}" = lport=139 | protocol=6 | dir=in | app=system |
"{2CE0D952-EC08-4EBF-87C9-FD42F43C0D91}" = lport=138 | protocol=17 | dir=in | app=system |
"{2FAE6184-B8F9-46E0-A7C4-0418ED8957DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A3F8501-6596-4195-9168-56566CD29499}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3C305079-EF2B-43D1-9B19-A1C7A62CC94C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4927ADC4-1A8E-4125-A9C3-67D899BF365B}" = rport=139 | protocol=6 | dir=out | app=system |
"{4D922C02-678E-422C-99F7-921BC0C295B3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5D316C6D-E64B-4CE0-A287-075EC9B7E135}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F4F5402-4A56-4854-BDE8-BCCCD2F4873E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84378E17-819B-402D-B72C-B0CD19E297DC}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D8AA29D-9F84-4F4D-B10F-EBAF371C74CC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8ECE6FE5-1DDA-43E9-A2A4-6BF8592313EE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8F0AA0B9-42EF-426B-98A2-76DF3248869D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3238D0E-DF9C-462C-96B4-DA5FA79A33CC}" = rport=137 | protocol=17 | dir=out | app=system |
"{A3B383AD-F989-472A-BD79-F112035A1B39}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A95AB878-C18E-4394-9C3F-FE2F1BD0722D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BFE520C2-6DE8-4CAE-A4C4-B6D86C970D94}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C31C2387-3F43-494B-81D6-79A10F98757E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C33E5058-30E4-478B-BF83-7E8AD9F76F21}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F067B2D4-3E18-4650-A20A-6FA9C49A2B83}" = lport=445 | protocol=6 | dir=in | app=system |
"{FA6012F7-D83B-4683-9E47-BAEB6F75EBD5}" = lport=137 | protocol=17 | dir=in | app=system |
"{FED18CDD-EE05-48D9-9280-E0129372360C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FF787DF6-CD2B-4E19-A125-16AA436BFED3}" = lport=6004 | protocol=17 | dir=in | app=f:\program files\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04DD44BF-B681-4A2A-8A2B-463CDE97F30F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2EEB3346-DCF9-4B7E-BB79-398F1319DF58}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3436B9A7-4375-4E1C-902A-4CADB91EA963}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A39C418-9450-4446-BA33-8B89530E05CB}" = protocol=6 | dir=out | app=system |
"{468D649C-3817-4647-B77C-423F7F2B71C6}" = protocol=17 | dir=in | app=f:\program files\microsoft office\office14\groove.exe |
"{4AA24E78-21AC-46D6-87B5-2F8F35FF7FE1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5578762A-EF3C-45E3-8479-70F05E36A470}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{640AC4D0-2CCF-4242-8E72-58B676B18F00}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{683276B9-7FCB-462B-9689-E5100218A50D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C7FA9F2-A381-42ED-AFC7-52F50A7EE353}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{75484305-9F00-491E-AADB-196E382B1DE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{91BCD963-9D32-4BFF-9A59-4C37DAE0E741}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{956CEC75-A9A0-4C94-BAAE-517D10FA4106}" = protocol=6 | dir=in | app=f:\program files\mozilla firefox\firefox.exe |
"{95D4763E-ECB9-46B7-A842-502B566F70B0}" = dir=in | app=f:\program files\skype\phone\skype.exe |
"{ABF0C6A6-2E0A-4390-985F-EE6AC58DAECD}" = protocol=17 | dir=in | app=f:\program files\mozilla firefox\firefox.exe |
"{AC2478E0-43F5-4C96-AA2D-906F02191F9B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AD2072CB-848F-499A-818C-559A2B729916}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6D801FF-6CF7-4350-A06F-BCA5A853D690}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DDAE6F58-7714-4922-BB16-22A56FF34929}" = protocol=6 | dir=in | app=f:\program files\microsoft office\office14\groove.exe |
"{F15AE845-9F4F-46FA-ADDB-E86222913A8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA5FC04D-2DC9-4099-9F39-4286C59B161D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{32150E0A-602B-4BDC-8BA6-30603B5B083D}F:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=f:\program files\mozilla firefox\firefox.exe |
"TCP Query User{354C0585-9843-4076-B967-123E396F0925}F:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=f:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{929A1E54-AC83-4A38-A077-1A9397CDE844}F:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=f:\program files\mozilla firefox\firefox.exe |
"UDP Query User{DFA8AA0F-4153-417D-A9F2-8727FEC8E6FA}F:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=f:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0696cc37-db90-4000-be99-4a173ca7c8af}" = Avira
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.1
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{65EBED55-4B58-4583-88EC-8190D776BFBB}" = Avira
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{AA1C2742-4732-46BD-A194-018B3FC7CAC4}" = CENKROSplus
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.11) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"ATF" = ATF
"Avira Antivirus" = Avira Antivirus
"CCleaner" = CCleaner
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mozilla Firefox 38.0.5 (x86 sk)" = Mozilla Firefox 38.0.5 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MRP Jednoduche uctovnictvo" = MRP Jednoduché účtovníctvo + sklad
"MRP NetAgent" = MRP Aktualizačný manažér
"MRP Zaklad" = MRP Základ vizuálneho účtovného systému
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Psaní všemi deseti_is1" = Psaní všemi deseti 1.5
"Sweet Home 3D_is1" = Sweet Home 3D version 4.5
"UltraISO_is1" = UltraISO Premium V9.5
"VLC media player" = VLC media player 2.0.5
"Wise Care 365_is1" = Wise Care 365 3.59

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/18/2015 4:33:01 AM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/19/2015 3:20:28 AM | Computer Name = on | Source = MsiInstaller | ID = 10005
Description =

Error - 5/19/2015 5:44:16 AM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/20/2015 4:29:50 AM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/21/2015 5:37:42 AM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/22/2015 3:51:17 AM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/27/2015 6:25:17 AM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/2/2015 1:21:04 PM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/14/2015 6:03:37 AM | Computer Name = on | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "F:\Program Files\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/15/2015 5:05:54 AM | Computer Name = on | Source = Office Software Protection Platform Service | ID = 1017
Description = Installation of the Proof of Purchase failed. 0xC004F015 Partial Pkey=T7DDX
ACID=8ce7e872-188c-4b98-9d90-f8f90b7aad02
Detailed
Error[?]

[ System Events ]
Error - 1/10/2015 10:02:02 AM | Computer Name = on | Source = volsnap | ID = 393252
Description = The shadow copies of volume F: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 1/11/2015 8:18:14 AM | Computer Name = on | Source = bowser | ID = 8003
Description =

Error - 1/12/2015 10:29:08 AM | Computer Name = on | Source = volsnap | ID = 393241
Description = The shadow copies of volume F: were deleted because the shadow copy
storage could not grow in time. Consider reducing the IO load on the system or
choose a shadow copy storage volume that is not being shadow copied.

Error - 1/13/2015 3:28:38 AM | Computer Name = on | Source = volsnap | ID = 393241
Description = The shadow copies of volume F: were deleted because the shadow copy
storage could not grow in time. Consider reducing the IO load on the system or
choose a shadow copy storage volume that is not being shadow copied.

Error - 1/13/2015 2:21:29 PM | Computer Name = on | Source = volsnap | ID = 393252
Description = The shadow copies of volume F: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 1/15/2015 5:35:24 AM | Computer Name = on | Source = volsnap | ID = 393252
Description = The shadow copies of volume F: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 1/21/2015 2:55:59 AM | Computer Name = on | Source = volsnap | ID = 393241
Description = The shadow copies of volume F: were deleted because the shadow copy
storage could not grow in time. Consider reducing the IO load on the system or
choose a shadow copy storage volume that is not being shadow copied.

Error - 1/22/2015 6:56:07 AM | Computer Name = on | Source = bowser | ID = 8003
Description =

Error - 1/27/2015 2:45:23 AM | Computer Name = on | Source = volsnap | ID = 393241
Description = The shadow copies of volume F: were deleted because the shadow copy
storage could not grow in time. Consider reducing the IO load on the system or
choose a shadow copy storage volume that is not being shadow copied.

Error - 1/28/2015 7:53:13 AM | Computer Name = on | Source = volsnap | ID = 393241
Description = The shadow copies of volume F: were deleted because the shadow copy
storage could not grow in time. Consider reducing the IO load on the system or
choose a shadow copy storage volume that is not being shadow copied.


< End of report >

vyosek píše: Jen se zeptam pouzivate legalni operacni system, nejvyssi licence (v hodnote nejake tisic) Ultimate zrovna neni bezna domaci verze