
Check and removal of Win32/Ponmocup.AA

Posted: 07 Sep 2015 21:39
by jordi
Hi all,

ESET pops up a message (not during a scan) that there is a threat in operating memory, run32dll.exe - Win32/Ponmocup.AA,
but neither a Smart Security scan nor SpyHunter shows anything.
Attached is a screenshot of what ESET reports.
It started when I was trying to remove some cryptolocker; that succeeded, and after installing ESET it reports this.

Thanks in advance for your help.

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by radiboy at 2015-09-07 22:18:25
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 23 GB (23%) free of 100 GB
Total RAM: 3579 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:37, on 7. 9. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\radiboy\Downloads\RSIT.exe
C:\Program Files\trend micro\radiboy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe
O4 - HKLM\..\Run: [Standby] "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ACSW17EN] "C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (file missing)
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{6912BB7E-70D9-4F9B-889A-87DC7C9A5A71}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AtherosSvc - Unknown owner - C:\Program Files\Bluetooth Suite\adminservice.exe (file missing)
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: @C:\Windows\system32\CxAudMsg32.exe,-100 (CxAudMsg) - Conexant Systems Inc. - C:\Windows\system32\CxAudMsg32.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 9164 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\bggmb.job - C:\Windows\system32\rundll32.exe "C:\Windows\system32\ntlanui2L.dll",Mdsntjm
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns

=========Mozilla firefox=========

ProfilePath - C:\Users\radiboy\AppData\Roaming\Mozilla\Firefox\Profiles\3x8f1f81.default-1427135331899

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-10-26 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-25 336384]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-04-30 40336]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-01-13 2049320]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe []
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe []
"UVS12 Preload"=C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe [2008-06-09 397456]
"Standby"=c:\Program Files\Common Files\Corel\Standby\Standby.exe [2010-05-17 105632]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"IJNetworkScannerSelectorEX"=C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"ACSW17EN"=C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe [2013-09-25 1414984]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5089480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"=C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe [2011-01-27 286720]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-01-19 3477312]
"AdobeBridge"= []
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30877280]

C:\Users\radiboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMSwissArmy]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-07 22:18:26 ----D---- C:\Program Files\trend micro
2015-09-07 22:18:25 ----D---- C:\rsit
2015-09-07 01:01:08 ----ASH---- C:\hiberfil.sys
2015-09-06 22:20:11 ----A---- C:\Windows\system32\mshtml.dll
2015-09-04 18:57:47 ----A---- C:\native log.txt
2015-09-04 18:56:16 ----A---- C:\Windows\system32\sh4native.exe
2015-09-04 08:59:50 ----D---- C:\Program Files\Mozilla Firefox
2015-09-04 03:07:44 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-04 02:56:43 ----D---- C:\ProgramData\Caphyon
2015-09-04 02:56:11 ----D---- C:\Program Files\Enigma Software Group
2015-09-04 02:55:12 ----D---- C:\Users\radiboy\AppData\Roaming\Enigma Software Group
2015-09-04 01:57:56 ----D---- C:\ProgramData\ESET
2015-09-04 00:52:17 ----A---- C:\Windows\system32\notepad.exe
2015-09-04 00:52:17 ----A---- C:\Windows\notepad.exe
2015-09-04 00:52:09 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-04 00:52:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-04 00:52:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-04 00:52:07 ----A---- C:\Windows\system32\iernonce.dll
2015-09-04 00:52:07 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-04 00:52:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-04 00:52:05 ----A---- C:\Windows\system32\urlmon.dll
2015-09-04 00:52:05 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-04 00:52:04 ----A---- C:\Windows\system32\vbscript.dll
2015-09-04 00:52:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-04 00:52:03 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-04 00:52:03 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-04 00:52:03 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-04 00:52:03 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-04 00:52:02 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-04 00:51:58 ----A---- C:\Windows\system32\msrating.dll
2015-09-04 00:51:57 ----A---- C:\Windows\system32\iesetup.dll
2015-09-04 00:51:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-04 00:51:55 ----A---- C:\Windows\system32\jscript.dll
2015-09-04 00:51:54 ----A---- C:\Windows\system32\wininet.dll
2015-09-04 00:51:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-04 00:51:50 ----A---- C:\Windows\system32\ieui.dll
2015-09-04 00:51:49 ----A---- C:\Windows\system32\ieframe.dll
2015-09-04 00:51:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-04 00:51:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-04 00:51:42 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-04 00:51:40 ----A---- C:\Windows\system32\jscript9.dll
2015-09-04 00:51:35 ----A---- C:\Windows\system32\iertutil.dll
2015-09-04 00:37:08 ----A---- C:\Windows\system32\generaltel.dll
2015-09-04 00:37:07 ----A---- C:\Windows\system32\invagent.dll
2015-09-04 00:37:07 ----A---- C:\Windows\system32\devinv.dll
2015-09-04 00:37:07 ----A---- C:\Windows\system32\appraiser.dll
2015-09-04 00:37:07 ----A---- C:\Windows\system32\aeinv.dll
2015-09-04 00:37:07 ----A---- C:\Windows\system32\acmigration.dll
2015-09-04 00:37:04 ----A---- C:\Windows\system32\aepdu.dll
2015-09-04 00:37:03 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-09-04 00:36:35 ----A---- C:\Windows\system32\mstscax.dll
2015-09-04 00:36:33 ----A---- C:\Windows\system32\tsgqec.dll
2015-09-04 00:36:32 ----A---- C:\Windows\system32\aaclient.dll
2015-09-04 00:34:58 ----A---- C:\Windows\system32\wucltux.dll
2015-09-04 00:34:58 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-04 00:34:57 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-04 00:34:57 ----A---- C:\Windows\system32\wups2.dll
2015-09-04 00:34:57 ----A---- C:\Windows\system32\wudriver.dll
2015-09-04 00:34:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-04 00:34:57 ----A---- C:\Windows\system32\wuapp.exe
2015-09-04 00:34:57 ----A---- C:\Windows\system32\wuapi.dll
2015-09-04 00:34:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-04 00:34:56 ----A---- C:\Windows\system32\wups.dll
2015-09-04 00:34:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-04 00:30:52 ----A---- C:\Windows\system32\WebClnt.dll
2015-09-04 00:30:51 ----A---- C:\Windows\system32\davclnt.dll
2015-09-04 00:28:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-04 00:28:20 ----A---- C:\Windows\system32\ntdll.dll
2015-09-04 00:28:18 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-09-04 00:28:16 ----A---- C:\Windows\system32\sysmain.dll
2015-09-04 00:28:16 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-09-04 00:28:15 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-04 00:28:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-04 00:28:12 ----A---- C:\Windows\system32\srcore.dll
2015-09-04 00:28:12 ----A---- C:\Windows\system32\kerberos.dll
2015-09-04 00:28:11 ----A---- C:\Windows\system32\rstrui.exe
2015-09-04 00:28:10 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-04 00:28:09 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-04 00:28:07 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-04 00:28:01 ----A---- C:\Windows\system32\schannel.dll
2015-09-04 00:28:00 ----A---- C:\Windows\system32\smss.exe
2015-09-04 00:28:00 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-04 00:28:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-04 00:27:59 ----A---- C:\Windows\system32\wdigest.dll
2015-09-04 00:27:59 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-04 00:27:58 ----A---- C:\Windows\system32\sspicli.dll
2015-09-04 00:27:58 ----A---- C:\Windows\system32\lsass.exe
2015-09-04 00:27:58 ----A---- C:\Windows\system32\auditpol.exe
2015-09-04 00:27:57 ----A---- C:\Windows\system32\srclient.dll
2015-09-04 00:27:54 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-04 00:27:54 ----A---- C:\Windows\system32\secur32.dll
2015-09-04 00:27:54 ----A---- C:\Windows\system32\msmmsp.dll
2015-09-04 00:27:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-04 00:27:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-04 00:27:53 ----A---- C:\Windows\system32\credssp.dll
2015-09-04 00:27:51 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-04 00:27:51 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-04 00:27:51 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-04 00:27:50 ----A---- C:\Windows\system32\msaudite.dll
2015-09-04 00:27:50 ----A---- C:\Windows\system32\adtschema.dll
2015-09-04 00:27:48 ----A---- C:\Windows\system32\msobjs.dll
2015-09-04 00:22:44 ----A---- C:\Windows\system32\shell32.dll
2015-09-04 00:22:02 ----A---- C:\Windows\system32\DWrite.dll
2015-09-04 00:22:02 ----A---- C:\Windows\system32\atmfd.dll
2015-09-04 00:22:01 ----A---- C:\Windows\system32\FntCache.dll
2015-09-04 00:21:57 ----A---- C:\Windows\system32\win32k.sys
2015-09-04 00:21:55 ----A---- C:\Windows\system32\d3d10warp.dll
2015-09-04 00:21:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-04 00:21:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-04 00:21:53 ----A---- C:\Windows\system32\lpk.dll
2015-09-04 00:21:53 ----A---- C:\Windows\system32\fontsub.dll
2015-09-04 00:19:26 ----A---- C:\Windows\system32\basesrv.dll
2015-09-04 00:16:46 ----D---- C:\Users\radiboy\AppData\Roaming\ESET
2015-09-04 00:14:45 ----A---- C:\Windows\system32\msxml3.dll
2015-09-04 00:14:43 ----A---- C:\Windows\system32\msxml6.dll
2015-09-04 00:14:42 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-04 00:14:41 ----A---- C:\Windows\system32\msxml3r.dll
2015-08-09 22:35:01 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-09 22:33:56 ----D---- C:\ProgramData\Malwarebytes
2015-08-09 22:33:56 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-08-09 22:33:56 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-09 22:33:56 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-09 22:33:56 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-09 22:29:03 ----D---- C:\Users\radiboy\AppData\Roaming\www.shadowexplorer.com
2015-08-09 22:27:10 ----D---- C:\ProgramData\ParetoLogic
2015-08-09 22:27:10 ----D---- C:\Program Files\Common Files\ParetoLogic
2015-08-09 22:27:07 ----D---- C:\Program Files\ParetoLogic
2015-08-09 10:24:16 ----D---- C:\Program Files\ESET

======List of files/folders modified in the last 1 month======

2015-09-07 22:18:26 ----RD---- C:\Program Files
2015-09-07 22:18:19 ----D---- C:\Windows\Temp
2015-09-07 21:59:22 ----D---- C:\Windows\system32\config
2015-09-07 01:14:32 ----A---- C:\Windows\ntbtlog.txt
2015-09-07 01:00:50 ----D---- C:\Windows\winsxs
2015-09-07 00:59:26 ----D---- C:\Program Files\Microsoft Silverlight
2015-09-07 00:56:35 ----SD---- C:\Windows\system32\CompatTel
2015-09-07 00:56:34 ----D---- C:\Windows\system32\cs-CZ
2015-09-07 00:56:34 ----D---- C:\Windows\system32\appraiser
2015-09-07 00:56:34 ----D---- C:\Windows\System32
2015-09-07 00:56:34 ----D---- C:\Windows\AppPatch
2015-09-07 00:56:33 ----D---- C:\Windows
2015-09-07 00:56:31 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-09-07 00:56:30 ----D---- C:\Windows\system32\drivers
2015-09-06 22:40:43 ----SHD---- C:\Windows\Installer
2015-09-06 22:40:16 ----D---- C:\ProgramData\Microsoft Help
2015-09-06 22:10:40 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-09-06 21:43:20 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-09-04 18:57:48 ----D---- C:\Program Files\Bluetooth Suite
2015-09-04 18:56:18 ----D---- C:\Windows\system32\Tasks
2015-09-04 13:15:05 ----D---- C:\Windows\rescache
2015-09-04 08:44:38 ----D---- C:\Windows\Microsoft.NET
2015-09-04 08:07:37 ----D---- C:\Windows\system32\en-US
2015-09-04 08:07:34 ----D---- C:\Program Files\Internet Explorer
2015-09-04 03:32:54 ----A---- C:\Windows\system32\MRT.exe
2015-09-04 03:12:41 ----D---- C:\Users\radiboy\AppData\Roaming\uTorrent
2015-09-04 02:56:43 ----HD---- C:\ProgramData
2015-09-04 02:01:45 ----D---- C:\Windows\system32\DriverStore
2015-09-04 02:01:44 ----D---- C:\Windows\inf
2015-09-04 00:32:36 ----D---- C:\Users\radiboy\AppData\Roaming\Skype
2015-09-04 00:22:55 ----D---- C:\Windows\Tasks
2015-09-04 00:11:33 ----D---- C:\Windows\system32\catroot2
2015-08-09 23:12:40 ----D---- C:\Windows\registration
2015-08-09 22:31:44 ----SD---- C:\Users\radiboy\AppData\Roaming\Microsoft
2015-08-09 22:27:10 ----D---- C:\Program Files\Common Files
2015-08-09 13:00:19 ----D---- C:\Users\radiboy\AppData\Roaming\PC Suite
2015-08-09 12:59:44 ----D---- C:\Users\radiboy\AppData\Roaming\Mozilla
2015-08-09 12:59:10 ----D---- C:\Users\radiboy\AppData\Roaming\DAEMON Tools Lite
2015-08-09 12:56:07 ----D---- C:\Users\radiboy\AppData\Roaming\Corel
2015-08-09 12:55:27 ----D---- C:\Users\radiboy\AppData\Roaming\Adobe
2015-08-09 12:42:54 ----D---- C:\ProgramData\CMUV
2015-08-09 12:42:43 ----D---- C:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 60552]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-05-30 466008]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-14 242240]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 46656]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-07-14 185176]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-24 7800832]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-24 245760]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-03-01 4248640]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-07-14 25248]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2011-03-25 1284736]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-01-25 68720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-01-13 1324976]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 35968]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2009-06-03 483200]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-07-14 35488]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-07-14 289952]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-07-14 97440]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-07-14 147616]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-07-14 60064]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-07-14 263968]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 eapihdrv;eapihdrv; \??\C:\Users\radiboy\AppData\Local\Temp\ehdrv.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-03-01 92032]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-07 98520]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 197224]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-04-29 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-24 176128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg32.exe,-100; C:\Windows\system32\CxAudMsg32.exe [2010-12-17 190592]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-07-08 1353720]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe []
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-04 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-06 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-03-28 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-04 149160]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-06 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: check and removal of Win32/Ponmocup.AA

Posted: 07 Sep 2015 21:45
by Rudy
Hello!
How does your operating system stand as far as legality goes?

Re: check and removal of Win32/Ponmocup.AA

Posted: 07 Sep 2015 21:49
by jordi
well, I really have no idea...
it's my brother's notebook, I don't know whether it came with it or got there some other way...

Re: check and removal of Win32/Ponmocup.AA

Posted: 08 Sep 2015 17:35
by Rudy
OK. Let's try this procedure:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "For all users" ("Pro všechny uživatele"), "LOP check" ("Kontrola na havěť LOP") and "Purity check" ("Kontrola na havěť PURITY"), and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Scan< (>Prohledat<). Post both logs.

Re: check and removal of Win32/Ponmocup.AA

Posted: 08 Sep 2015 22:37
by jordi
OTL logfile created on: 8. 9. 2015 21:45:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\radiboy\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,50 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 51,80% Memory free
6,99 Gb Paging File | 5,23 Gb Available in Paging File | 74,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 21,98 Gb Free Space | 22,51% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 187,69 Gb Free Space | 80,59% Space Free | Partition Type: NTFS
Drive E: | 135,22 Gb Total Space | 93,33 Gb Free Space | 69,02% Space Free | Partition Type: NTFS

Computer Name: RADO | User Name: radiboy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/09/08 21:43:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\radiboy\Downloads\OTL.exe
PRC - [2015/09/06 22:10:39 | 003,423,944 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
PRC - [2015/09/04 09:00:22 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2015/07/08 15:22:16 | 005,089,480 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2015/05/09 05:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015/04/29 15:15:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/25 07:01:56 | 001,414,984 | R--- | M] (ACD Systems) -- C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/05/24 18:03:56 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/05/24 18:03:28 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/27 11:55:14 | 000,286,720 | ---- | M] (BlazeVideo Company) -- C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe
PRC - [2011/01/15 17:48:44 | 000,452,016 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2010/12/17 02:17:54 | 000,190,592 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\System32\CxAudMsg32.exe
PRC - [2010/05/17 18:03:14 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files\Common Files\Corel\Standby\Standby.exe
PRC - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2015/09/06 22:10:27 | 017,482,952 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_18_0_0_232.dll
MOD - [2015/07/30 15:13:38 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2015/07/30 15:13:37 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2015/07/30 15:13:37 | 004,222,976 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2015/02/14 01:28:56 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2015/02/14 01:28:56 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2015/02/07 01:24:17 | 005,287,936 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2014/09/04 03:43:07 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014/07/09 00:13:22 | 002,056,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2014/07/09 00:13:21 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2014/07/09 00:13:20 | 004,554,752 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2014/05/20 00:47:55 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2014/03/21 00:49:19 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/05/25 00:50:44 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/04/12 03:36:58 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011/04/12 03:36:58 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2011/04/12 03:36:50 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2011/03/22 11:17:54 | 000,016,384 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2011/01/10 17:35:22 | 000,106,496 | ---- | M] () -- C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\mlutil.dll
MOD - [2011/01/10 17:35:18 | 000,073,728 | ---- | M] () -- C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\VersionInfo.dll
MOD - [2011/01/10 17:35:14 | 000,032,768 | ---- | M] () -- C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MMKeyboardHook.dll
MOD - [2010/11/20 23:29:42 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2010/11/13 03:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/06/10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009/06/10 23:14:46 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009/06/10 23:14:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009/06/10 23:14:43 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2015/09/06 22:10:44 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/09/04 09:00:19 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/07/16 21:39:29 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2015/05/25 20:01:45 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/04/29 15:15:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/28 08:41:10 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/01/05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011/11/06 15:39:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/08 14:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/05/24 18:03:28 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/12/17 02:17:54 | 000,190,592 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\System32\CxAudMsg32.exe -- (CxAudMsg)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\radiboy\AppData\Local\Temp\ehdrv.sys -- (eapihdrv)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (avsbpv9b)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (au7lzzc8)
DRV - [2015/09/07 01:09:18 | 000,098,520 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2015/07/14 15:29:08 | 000,202,704 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2015/07/14 15:29:08 | 000,185,176 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2015/07/14 15:29:08 | 000,144,536 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2015/07/14 15:29:08 | 000,060,552 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2015/07/14 15:29:08 | 000,046,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2015/06/11 19:15:04 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2013/05/30 18:40:45 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/02/14 11:06:14 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/07/14 18:48:42 | 000,263,968 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV - [2011/07/14 18:48:40 | 000,147,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV - [2011/07/14 18:48:40 | 000,097,440 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_avdt.sys -- (btath_avdt)
DRV - [2011/07/14 18:48:40 | 000,060,064 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV - [2011/07/14 18:48:40 | 000,035,488 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_flt.sys -- (AthBTPort)
DRV - [2011/07/14 18:48:40 | 000,025,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btath_bus.sys -- (BTATH_BUS)
DRV - [2011/07/14 18:48:38 | 000,289,952 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV - [2011/05/24 19:25:50 | 007,800,832 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/05/24 17:25:22 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/05/18 11:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/05/18 11:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/05/18 11:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/05/18 11:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/03/30 09:46:38 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011/03/25 05:50:12 | 001,284,736 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2011/01/25 06:47:42 | 000,068,720 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/12/01 11:12:04 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/11/28 23:50:40 | 000,035,968 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/11/20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 02:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/14 02:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/03 01:57:34 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2008/08/26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/03/01 00:44:14 | 000,092,032 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 95 E2 95 20 3D CD 01 [binary data]
IE - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.hiddenOneOffs: "DuckDuckGo"
FF - prefs.js..browser.search.region: "SK"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/11/13 23:12:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/09/04 08:59:57 | 000,000,000 | ---D | M]

[2012/06/08 07:27:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\radiboy\AppData\Roaming\Mozilla\Extensions
[2015/09/06 21:59:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\radiboy\AppData\Roaming\Mozilla\Firefox\Profiles\3x8f1f81.default-1427135331899\extensions
[2015/07/13 11:11:31 | 000,095,369 | ---- | M] () (No name found) -- C:\Users\radiboy\AppData\Roaming\Mozilla\Firefox\Profiles\3x8f1f81.default-1427135331899\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
[2015/09/04 08:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/09/04 09:00:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4 - HKLM..\Run: [ACSW17EN] C:\Program Files\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe (ACD Systems)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe" File not found
O4 - HKLM..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe" File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [Standby] c:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000..\Run: [BlazeServoTool] C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe (BlazeVideo Company)
O4 - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{261769E6-0BDD-4080-84EB-1B961BC0F050}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6912BB7E-70D9-4F9B-889A-87DC7C9A5A71}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF68E829-C080-451D-87CE-0C006B6D819F}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/10/29 11:41:07 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{04bd25d7-53ee-11e1-916c-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{04bd25d7-53ee-11e1-916c-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2d939a48-1be8-11e1-92d7-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{2d939a48-1be8-11e1-92d7-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{431d9547-2dee-11e1-a6b3-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{431d9547-2dee-11e1-a6b3-b870f4f935ed}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{48c0895d-1b62-11e1-9120-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{48c0895d-1b62-11e1-9120-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5e97e70d-22af-11e1-b481-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{5e97e70d-22af-11e1-b481-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5e97e710-22af-11e1-b481-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{5e97e710-22af-11e1-b481-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{81c122db-53f0-11e1-bc45-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{81c122db-53f0-11e1-bc45-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a319f790-56e6-11e1-af13-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{a319f790-56e6-11e1-af13-b870f4f935ed}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{c0693912-1b6d-11e1-85d1-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{c0693912-1b6d-11e1-85d1-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d2194ed0-3bec-11e1-b16f-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{d2194ed0-3bec-11e1-b16f-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d2194ed2-3bec-11e1-b16f-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{d2194ed2-3bec-11e1-b16f-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fa60c173-0856-11e1-b64a-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{fa60c173-0856-11e1-b64a-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fa60c17a-0856-11e1-b64a-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{fa60c17a-0856-11e1-b64a-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sh4native Sh4Removal)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.dvacm - c:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015/09/07 22:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/09/07 22:18:25 | 000,000,000 | ---D | C] -- C:\rsit
[2015/09/06 22:20:11 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/09/04 08:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/09/04 03:07:44 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015/09/04 02:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2015/09/04 02:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2015/09/04 02:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2015/09/04 02:55:12 | 000,000,000 | ---D | C] -- C:\Users\radiboy\AppData\Roaming\Enigma Software Group
[2015/09/04 01:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2015/09/04 01:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2015/09/04 00:52:09 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/09/04 00:52:08 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/09/04 00:52:08 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/09/04 00:52:07 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/09/04 00:52:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/09/04 00:52:06 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/09/04 00:52:05 | 000,342,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/09/04 00:52:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/09/04 00:52:03 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/09/04 00:52:03 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/09/04 00:52:03 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/09/04 00:52:03 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/09/04 00:52:02 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/09/04 00:51:59 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/09/04 00:51:58 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/09/04 00:51:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/09/04 00:51:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/09/04 00:51:52 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/09/04 00:51:50 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/09/04 00:51:46 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/09/04 00:51:44 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/09/04 00:51:42 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015/09/04 00:51:40 | 004,520,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/09/04 00:37:08 | 000,598,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/09/04 00:37:07 | 000,952,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/09/04 00:37:07 | 000,934,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/09/04 00:37:07 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/09/04 00:37:07 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/09/04 00:37:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015/09/04 00:37:04 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/09/04 00:37:03 | 000,015,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2015/09/04 00:36:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2015/09/04 00:36:32 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2015/09/04 00:34:58 | 002,943,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015/09/04 00:34:57 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015/09/04 00:34:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015/09/04 00:34:57 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015/09/04 00:34:57 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015/09/04 00:34:57 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015/09/04 00:34:57 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015/09/04 00:34:56 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015/09/04 00:34:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015/09/04 00:28:21 | 003,934,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/09/04 00:28:18 | 003,989,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/09/04 00:28:12 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/09/04 00:28:11 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/09/04 00:28:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/09/04 00:28:00 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/09/04 00:27:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/09/04 00:27:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/09/04 00:27:54 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2015/09/04 00:27:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/09/04 00:27:50 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/09/04 00:27:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/09/04 00:27:48 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/09/04 00:22:02 | 001,251,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015/09/04 00:22:02 | 000,299,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015/09/04 00:21:57 | 002,384,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/09/04 00:21:55 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2015/09/04 00:21:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015/09/04 00:21:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2015/09/04 00:21:53 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2015/09/04 00:19:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2015/09/04 00:16:47 | 000,000,000 | ---D | C] -- C:\Users\radiboy\AppData\Local\ESET
[2015/09/04 00:16:46 | 000,000,000 | ---D | C] -- C:\Users\radiboy\AppData\Roaming\ESET
[2015/09/04 00:14:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2015/09/04 00:14:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2015/08/10 00:04:27 | 000,000,000 | ---D | C] -- C:\Users\radiboy\AppData\Local\LockerUnlocker
[2015/08/09 22:35:01 | 000,098,520 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/08/09 22:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/08/09 22:33:56 | 000,094,936 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015/08/09 22:33:56 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015/08/09 22:33:56 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015/08/09 22:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2015/08/09 22:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/08/09 22:33:38 | 000,000,000 | ---D | C] -- C:\Users\radiboy\AppData\Local\Programs
[2015/08/09 22:29:03 | 000,000,000 | ---D | C] -- C:\Users\radiboy\AppData\Roaming\www.shadowexplorer.com
[2015/08/09 22:27:11 | 000,000,000 | ---D | C] -- C:\Users\radiboy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[2015/08/09 22:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2015/08/09 22:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2015/08/09 22:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/09/08 21:52:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/09/08 21:44:12 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/08 21:44:12 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/08 21:36:12 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/09/08 21:36:04 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\bggmb.job
[2015/09/08 21:35:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/08 21:35:29 | 2814,562,304 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/07 23:08:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/09/07 22:27:17 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/09/07 01:09:18 | 000,098,520 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/09/07 00:59:13 | 000,008,214 | ---- | M] () -- C:\spyhunter.fix
[2015/09/07 00:55:38 | 000,023,745 | ---- | M] () -- C:\Users\radiboy\Desktop\xx.png
[2015/09/06 22:10:40 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/09/06 22:10:40 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/09/06 21:55:20 | 000,001,296 | ---- | M] () -- C:\Users\Public\Desktop\SpyHunter.lnk
[2015/09/06 21:50:38 | 000,009,180 | ---- | M] () -- C:\Users\radiboy\Desktop\vir.png
[2015/09/04 08:45:05 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/09/04 08:11:43 | 003,833,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/08/22 12:54:35 | 000,035,869 | ---- | M] () -- C:\Users\radiboy\Desktop\xx.jpg
[2015/08/11 02:33:19 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/08/09 23:54:30 | 000,037,691 | ---- | M] () -- C:\Users\radiboy\Desktop\test.jpg
[2015/08/09 22:36:17 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/08/09 22:27:20 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2015/08/09 22:27:11 | 000,001,225 | ---- | M] () -- C:\Users\radiboy\Desktop\Data Recovery Pro.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/09/08 21:52:00 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/09/07 01:01:08 | 2814,562,304 | -HS- | C] () -- C:\hiberfil.sys
[2015/09/07 00:55:37 | 000,023,745 | ---- | C] () -- C:\Users\radiboy\Desktop\xx.png
[2015/09/06 21:50:36 | 000,009,180 | ---- | C] () -- C:\Users\radiboy\Desktop\vir.png
[2015/09/04 18:56:16 | 000,021,888 | ---- | C] () -- C:\Windows\System32\sh4native.exe
[2015/09/04 18:56:16 | 000,008,214 | ---- | C] () -- C:\spyhunter.fix
[2015/09/04 02:56:31 | 000,001,296 | ---- | C] () -- C:\Users\Public\Desktop\SpyHunter.lnk
[2015/08/22 12:54:35 | 000,035,869 | ---- | C] () -- C:\Users\radiboy\Desktop\xx.jpg
[2015/08/09 23:54:30 | 000,037,691 | ---- | C] () -- C:\Users\radiboy\Desktop\test.jpg
[2015/08/09 22:34:03 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/08/09 22:27:20 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2015/08/09 22:27:11 | 000,001,225 | ---- | C] () -- C:\Users\radiboy\Desktop\Data Recovery Pro.lnk
[2015/03/29 00:33:59 | 000,045,982 | ---- | C] () -- C:\Users\radiboy\HELP_DECRYPT.PNG
[2015/03/27 11:04:09 | 000,045,836 | ---- | C] () -- C:\Users\radiboy\AppData\Roaming\HELP_DECRYPT.PNG
[2015/03/27 10:51:00 | 000,045,836 | ---- | C] () -- C:\Users\radiboy\AppData\Local\HELP_DECRYPT.PNG
[2015/03/27 10:44:55 | 000,045,836 | ---- | C] () -- C:\ProgramData\HELP_DECRYPT.PNG
[2014/05/26 10:33:33 | 000,185,344 | RHS- | C] () -- C:\Windows\System32\ntlanui2L.dll
[2013/05/30 17:15:49 | 000,005,186 | ---- | C] () -- C:\Program Files\Uninstall.ini
[2012/02/10 17:21:02 | 000,000,008 | RHS- | C] () -- C:\ProgramData\E6F93E65CB.sys
[2012/02/10 17:21:01 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/10 19:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/01/30 16:58:41 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\DAEMON Tools
[2015/08/09 12:59:10 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\DAEMON Tools Lite
[2015/09/04 02:55:12 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Enigma Software Group
[2015/09/04 00:16:47 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\ESET
[2011/12/10 00:02:12 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Nokia
[2015/08/09 13:00:19 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\PC Suite
[2012/06/19 15:52:46 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/28 19:04:33 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Ulead Systems
[2015/09/04 03:12:41 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\uTorrent
[2015/08/09 22:29:03 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\www.shadowexplorer.com

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:53:46 | 000,032,618 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011/11/06 11:16:42 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/11/06 11:16:43 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/03/28 09:03:47 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/05/26 10:33:33 | 000,000,314 | ---- | C] () -- C:\Windows\Tasks\bggmb.job
[2015/08/09 22:27:20 | 000,000,400 | ---- | C] () -- C:\Windows\Tasks\ParetoLogic Registration3.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[22 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[101 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\{4F8A955B-F5EA-4D23-AC90-8A37158AD908}\*.tmp files -> C:\Windows\Temp\{4F8A955B-F5EA-4D23-AC90-8A37158AD908}\*.tmp -> ]
[1 C:\Windows\Temp\Google Toolbar\*.tmp files -> C:\Windows\Temp\Google Toolbar\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015/08/09 12:55:27 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Adobe
[2015/01/15 16:41:00 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Atheros
[2011/11/06 12:26:35 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\ATI
[2015/08/09 12:56:07 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Corel
[2012/01/30 16:58:41 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\DAEMON Tools
[2015/08/09 12:59:10 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\DAEMON Tools Lite
[2011/12/25 16:53:34 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\DivX
[2015/09/04 02:55:12 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Enigma Software Group
[2015/09/04 00:16:47 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\ESET
[2011/11/06 11:17:39 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Google
[2011/11/06 10:38:08 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Identities
[2011/12/27 00:28:55 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\InstallShield
[2011/11/06 11:17:43 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Macromedia
[2011/04/12 03:46:16 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Media Center Programs
[2015/08/09 22:31:44 | 000,000,000 | --SD | M] -- C:\Users\radiboy\AppData\Roaming\Microsoft
[2015/08/09 12:59:44 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Mozilla
[2011/12/10 00:02:12 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Nokia
[2015/08/09 13:00:19 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\PC Suite
[2015/09/04 00:32:36 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Skype
[2012/06/19 15:52:46 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/28 19:04:33 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\Ulead Systems
[2015/09/04 03:12:41 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\uTorrent
[2015/05/18 11:09:33 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\vlc
[2011/12/25 16:46:56 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\WinRAR
[2015/08/09 22:29:03 | 000,000,000 | ---D | M] -- C:\Users\radiboy\AppData\Roaming\www.shadowexplorer.com

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/26 10:33:33 | 000,185,344 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\system32\ntlanui2L.dll

< %systemroot%\Tasks\*.job >
[2015/09/08 22:08:05 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/09/08 21:36:04 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\bggmb.job
[2015/09/08 21:36:12 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015/09/08 22:28:17 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015/08/09 22:27:20 | 000,000,400 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/26 10:33:33 | 000,185,344 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\system32\ntlanui2L.dll

< %systemroot%\system32\drivers\*.sys /3 >
[2015/09/07 01:09:18 | 000,098,520 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\MBAMSwissArmy.sys

< %systemroot%\system32\*.* /3 >
[2015/09/08 21:44:12 | 000,026,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/08 21:44:12 | 000,026,576 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/06 22:10:40 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2015/09/06 22:10:40 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BlazeServoTool" = "C:\Program Files\BlazeVideo\BlazeVideo HDTV Player 6.6 Standard\MediaDetector.exe" -- [2011/01/27 11:55:14 | 000,286,720 | ---- | M] (BlazeVideo Company)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012/01/19 19:08:34 | 003,477,312 | ---- | M] (DT Soft Ltd)
"AdobeBridge" =
"AlcoholAutomount" = "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2012/01/05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2014/12/11 11:20:32 | 030,877,280 | R--- | M] (Skype Technologies S.A.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2015/09/04 09:00:22 | 000,377,000 | ---- | M] (Mozilla Corporation) MD5=05299546F243159CB8A42906ACB219A8 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015/07/21 02:12:30 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=C2A6A7E10E872F62F261637B67AFB248 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015/08/28 02:17:48 | 000,815,944 | ---- | M] (Google Inc.) MD5=16E1EA189D721E60D17D1BC8E0392702 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015/09/08 21:52:00 | 000,000,512 | ---- | M] () MD5=784980AAF9103B5001ABD7F305184DB3 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011/12/28 11:29:40 | 023,666,048 | ---- | M] () -- \Users\radiboy\Downloads\Unlead-video-Studio-10-+-crack-+-CZ-by-patamat12345.rar

Re: Check and removal of Win32/Ponmocup.AA

Posted: 08 Sep 2015 22:38
by jordi
< *keygen* /s >
[2010/06/12 12:34:40 | 000,229,312 | ---- | M] () -- \Users\radiboy\Desktop\Corel VideoStudio Pro X3 v13.6.2.36\Keygens_Backup.rar
[2010/04/08 14:14:02 | 000,016,384 | ---- | M] () -- \Users\radiboy\Desktop\Corel VideoStudio Pro X3 v13.6.2.36\Keygen_(AGAIN)-New!\CVSP.X3_Keygen-(AGAiN).exe
[2010/06/12 12:22:38 | 000,032,240 | ---- | M] () -- \Users\radiboy\Desktop\Corel VideoStudio Pro X3 v13.6.2.36\Keygen_(AGAIN)-New!\IMG-CVSP.X3_Keygen-(AGAiN).jpg
[2010/02/05 08:19:34 | 000,163,840 | ---- | M] () -- \Users\radiboy\Desktop\Corel VideoStudio Pro X3 v13.6.2.36\Keygen_(CORE)\CVSP.X3_Keygen-(CORE).exe
[2010/06/12 11:58:32 | 000,023,968 | ---- | M] () -- \Users\radiboy\Desktop\Corel VideoStudio Pro X3 v13.6.2.36\Keygen_(CORE)\IMG-CVSP.X3_Keygen-(CORE).jpg
[2011/12/27 20:25:31 | 673,725,776 | ---- | M] () -- \Users\radiboy\Downloads\Corel-VideoStudio-Pro-X3+-Keygen+CZ-návod-jak-správně-instalovat!!!.rar
[2012/02/18 11:09:01 | 000,038,400 | ---- | M] () -- \Users\radiboy\Downloads\Simpo PDF Converter Ultimate v1.5.1.0\Your Software Here\Keygen\keygen.exe

< *loader* /s >
[2015/07/15 05:34:48 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_ru-ru_c241d20aac6f1b0d.manifest
[2015/07/15 05:32:49 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_sv-se_5e3cbc7fa3982568.manifest
[2015/07/15 05:32:23 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_tr-tr_074a06c692542759.manifest
[2015/07/15 05:37:06 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_zh-cn_d8a724c4428bf978.manifest
[2015/07/15 05:31:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_zh-hk_d7521d5243676c08.manifest
[2015/07/15 05:37:09 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_zh-tw_dca3621a3ffcd5e8.manifest
[2015/07/15 05:32:10 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_43bd45e6af8c7864.manifest
[2015/07/15 05:32:15 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_da-dk_e0f7260da5d27463.manifest
[2015/07/15 05:34:01 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_de-de_de22bb49a7a8c8fd.manifest
[2015/07/15 05:34:12 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_el-gr_86b8e8dc96be318b.manifest
[2015/07/15 05:04:26 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_en-us_871391429686d4c2.manifest
[2015/07/15 05:34:26 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_es-es_86deee2696adc667.manifest
[2015/07/15 05:32:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_fi-fi_25f9f2d38bc7b891.manifest
[2015/07/15 05:33:49 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_fr-fr_29966425897fdcc9.manifest
[2015/07/15 05:32:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_hu-hu_7106e46d6ddfabe5.manifest
[2015/07/15 05:33:25 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_it-it_13be5a6c60b1c247.manifest
[2015/07/15 05:37:08 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_ja-jp_b5e3d97953ccd422.manifest
[2015/07/15 05:36:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_ko-kr_594db62e463d9b38.manifest
[2015/07/15 05:32:17 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_nb-no_41e037631e62c6f4.manifest
[2015/07/15 05:32:14 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_nl-nl_401f82a11f8ed0c9.manifest
[2015/07/15 05:31:43 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_pl-pl_865bdd2304b13e7d.manifest
[2015/07/15 05:34:49 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_pt-br_88afc7c7033ad261.manifest
[2015/07/15 05:31:34 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_pt-pt_8991973302aa423d.manifest
[2015/07/15 05:34:20 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_ru-ru_d034a8f6e78bd069.manifest
[2015/07/15 05:32:17 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_sv-se_6c2f936bdeb4dac4.manifest
[2015/07/15 05:31:53 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_tr-tr_153cddb2cd70dcb5.manifest
[2015/07/15 05:36:30 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_zh-cn_e699fbb07da8aed4.manifest
[2015/07/15 05:31:31 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_zh-hk_e544f43e7e842164.manifest
[2015/07/15 05:36:33 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_zh-tw_ea9639067b198b44.manifest
[2015/07/15 05:25:36 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c64d5f2b2d9727ec81ccfcc812e5053\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_42768f32e1fd8667.manifest
[2015/07/15 20:43:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_da-dk_d2f97f356abddaf8.manifest
[2015/07/15 20:43:01 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_de-de_d02514716c942f92.manifest
[2015/07/15 20:44:36 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_el-gr_78bb42045ba99820.manifest
[2015/07/15 19:54:31 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_en-us_7915ea6a5b723b57.manifest
[2015/07/15 20:45:14 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_es-es_78e1474e5b992cfc.manifest
[2015/07/15 20:41:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_fi-fi_17fc4bfb50b31f26.manifest
[2015/07/15 20:42:39 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_fr-fr_1b98bd4d4e6b435e.manifest
[2015/07/15 20:43:53 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_hu-hu_63093d9532cb127a.manifest
[2015/07/15 20:44:33 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_it-it_05c0b394259d28dc.manifest
[2015/07/15 20:46:12 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_ja-jp_a7e632a118b83ab7.manifest
[2015/07/15 20:45:28 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_ko-kr_4b500f560b2901cd.manifest
[2015/07/15 20:43:53 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_nb-no_33e2908ae34e2d89.manifest
[2015/07/15 20:45:01 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_nl-nl_3221dbc8e47a375e.manifest
[2015/07/15 20:43:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_pl-pl_785e364ac99ca512.manifest
[2015/07/15 20:44:12 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_pt-br_7ab220eec82638f6.manifest
[2015/07/15 20:44:24 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_pt-pt_7b93f05ac795a8d2.manifest
[2015/07/15 20:44:19 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_ru-ru_c237021eac7736fe.manifest
[2015/07/15 20:44:01 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_sv-se_5e31ec93a3a04159.manifest
[2015/07/15 20:44:26 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_tr-tr_073f36da925c434a.manifest
[2015/07/15 20:44:42 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_zh-cn_d89c54d842941569.manifest
[2015/07/15 20:41:27 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_zh-hk_d7474d66436f87f9.manifest
[2015/07/15 20:44:50 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_zh-tw_dc98922e4004f1d9.manifest
[2015/07/15 20:43:28 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_43b275faaf949455.manifest
[2015/07/15 20:43:45 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_da-dk_e0ec5621a5da9054.manifest
[2015/07/15 20:42:32 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_de-de_de17eb5da7b0e4ee.manifest
[2015/07/15 20:44:35 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_el-gr_86ae18f096c64d7c.manifest
[2015/07/15 19:54:05 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_en-us_8708c156968ef0b3.manifest
[2015/07/15 20:44:44 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_es-es_86d41e3a96b5e258.manifest
[2015/07/15 20:41:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_fi-fi_25ef22e78bcfd482.manifest
[2015/07/15 20:42:14 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_fr-fr_298b94398987f8ba.manifest
[2015/07/15 20:42:49 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_hu-hu_70fc14816de7c7d6.manifest
[2015/07/15 20:43:21 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_it-it_13b38a8060b9de38.manifest
[2015/07/15 20:45:45 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_ja-jp_b5d9098d53d4f013.manifest
[2015/07/15 20:45:04 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_ko-kr_5942e6424645b729.manifest
[2015/07/15 20:43:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_nb-no_41d567771e6ae2e5.manifest
[2015/07/15 20:44:16 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_nl-nl_4014b2b51f96ecba.manifest
[2015/07/15 20:42:48 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_pl-pl_86510d3704b95a6e.manifest
[2015/07/15 20:43:22 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_pt-br_88a4f7db0342ee52.manifest
[2015/07/15 20:43:19 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_pt-pt_8986c74702b25e2e.manifest
[2015/07/15 20:43:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_ru-ru_d029d90ae793ec5a.manifest
[2015/07/15 20:42:54 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_sv-se_6c24c37fdebcf6b5.manifest
[2015/07/15 20:43:20 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_tr-tr_15320dc6cd78f8a6.manifest
[2015/07/15 20:44:17 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_zh-cn_e68f2bc47db0cac5.manifest
[2015/07/15 20:41:26 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_zh-hk_e53a24527e8c3d55.manifest
[2015/07/15 20:44:25 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_zh-tw_ea8b691a7b21a735.manifest
[2015/07/15 20:16:45 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\7b7614eb75e73fe74fbdd4d02b794638\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_426bbf46e205a258.manifest
[2015/08/04 20:12:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_da-dk_d25468b451b5a7c4.manifest
[2015/08/04 20:13:53 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_de-de_cf7ffdf0538bfc5e.manifest
[2015/08/04 20:15:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_el-gr_78162b8342a164ec.manifest
[2015/08/04 19:52:22 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_en-us_7870d3e9426a0823.manifest
[2015/08/04 20:15:40 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_es-es_783c30cd4290f9c8.manifest
[2015/08/04 20:14:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_fi-fi_1757357a37aaebf2.manifest
[2015/08/04 20:14:17 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_fr-fr_1af3a6cc3563102a.manifest
[2015/08/04 20:13:37 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_hu-hu_6264271419c2df46.manifest
[2015/08/04 20:13:27 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_it-it_051b9d130c94f5a8.manifest
[2015/08/04 20:17:08 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_ja-jp_a7411c1fffb00783.manifest
[2015/08/04 20:16:05 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_ko-kr_4aaaf8d4f220ce99.manifest
[2015/08/04 20:13:10 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_nb-no_333d7a09ca45fa55.manifest
[2015/08/04 20:12:31 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_nl-nl_317cc547cb72042a.manifest
[2015/08/04 20:13:54 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_pl-pl_77b91fc9b09471de.manifest
[2015/08/04 20:15:15 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_pt-br_7a0d0a6daf1e05c2.manifest
[2015/08/04 20:14:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_pt-pt_7aeed9d9ae8d759e.manifest
[2015/08/04 20:12:53 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_ru-ru_c191eb9d936f03ca.manifest
[2015/08/04 20:13:13 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_sv-se_5d8cd6128a980e25.manifest
[2015/08/04 20:13:49 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_tr-tr_069a205979541016.manifest
[2015/08/04 20:17:34 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_zh-cn_d7f73e57298be235.manifest
[2015/08/04 20:11:16 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_zh-hk_d6a236e52a6754c5.manifest
[2015/08/04 20:17:04 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_zh-tw_dbf37bad26fcbea5.manifest
[2015/08/04 20:35:33 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_da-dk_d2e0de7f6ad0c6d5.manifest
[2015/08/04 20:23:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_de-de_d00c73bb6ca71b6f.manifest
[2015/08/04 20:24:55 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_el-gr_78a2a14e5bbc83fd.manifest
[2015/08/04 19:57:08 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_en-us_78fd49b45b852734.manifest
[2015/08/04 20:38:20 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_es-es_78c8a6985bac18d9.manifest
[2015/08/04 20:37:34 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_fi-fi_17e3ab4550c60b03.manifest
[2015/08/04 20:24:33 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_fr-fr_1b801c974e7e2f3b.manifest
[2015/08/04 20:23:42 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_hu-hu_62f09cdf32ddfe57.manifest
[2015/08/04 20:24:26 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_it-it_05a812de25b014b9.manifest
[2015/08/04 20:28:10 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_ja-jp_a7cd91eb18cb2694.manifest
[2015/08/04 20:30:33 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_ko-kr_4b376ea00b3bedaa.manifest
[2015/08/04 20:24:08 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_nb-no_33c9efd4e3611966.manifest
[2015/08/04 20:24:44 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_nl-nl_32093b12e48d233b.manifest
[2015/08/04 20:23:54 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_pl-pl_78459594c9af90ef.manifest
[2015/08/04 20:25:25 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_pt-br_7a998038c83924d3.manifest
[2015/08/04 20:23:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_pt-pt_7b7b4fa4c7a894af.manifest
[2015/08/04 20:27:30 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_ru-ru_c21e6168ac8a22db.manifest
[2015/08/04 20:24:42 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_sv-se_5e194bdda3b32d36.manifest
[2015/08/04 20:24:24 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_tr-tr_07269624926f2f27.manifest
[2015/08/04 20:26:49 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_zh-cn_d883b42242a70146.manifest
[2015/08/04 20:21:21 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\83186bb783e05492655623a296c0967d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_zh-hk_d72eacb0438273d6.manifest

< End of report >

Re: Checking for and removing Win32/Ponmocup.AA

Posted: 08 Sep 2015 22:39
by jordi
OTL Extras logfile created on: 8. 9. 2015 21:45:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\radiboy\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,50 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 51,80% Memory free
6,99 Gb Paging File | 5,23 Gb Available in Paging File | 74,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 21,98 Gb Free Space | 22,51% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 187,69 Gb Free Space | 80,59% Space Free | Partition Type: NTFS
Drive E: | 135,22 Gb Total Space | 93,33 Gb Free Space | 69,02% Space Free | Partition Type: NTFS

Computer Name: RADO | User Name: radiboy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4124711928-2221199952-3497475792-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 17.Manage] -- "C:\Program Files\ACD Systems\ACDSee\17.0\ACDSeeQV17.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03BDBD03-AE31-47DD-98D2-2F8DCA0F5805}" = lport=139 | protocol=6 | dir=in | app=system |
"{0ADC7DC1-C2E4-4B08-A317-141DC06554ED}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C45FA3A-9354-41A9-AFC8-C2DEA6DA8D65}" = rport=139 | protocol=6 | dir=out | app=system |
"{2659DDDC-0107-40CB-8B63-F55C471EE947}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{29B5C521-7654-4FCA-A1F9-7F5922695C89}" = rport=445 | protocol=6 | dir=out | app=system |
"{3AEFE011-2212-4739-8853-201EE248C36D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{463EB5D3-4CD4-4BA8-8127-933C4B4A1452}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{47D54B1F-2225-43F6-9947-5DDF018D78CF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{48678F31-A722-4A30-9719-7337C6B7AB8B}" = rport=2869 | protocol=6 | dir=out | app=system |
"{595A45FC-3733-40DD-96D7-28FBF217CCAF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6575A18A-5821-4C89-AAFF-04AD0F5307F3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{67C48EE2-B70B-4D76-98F8-0A6FA8A448CE}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{68691149-6C1C-4BED-9437-3D8F54959768}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{697E6C31-2CFF-4919-94A2-A3D282D9A448}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{6AC8296E-8B76-484F-87FC-B1699E96F179}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{734C3907-B8C9-4DD9-93B1-E7B89D8FA624}" = lport=445 | protocol=6 | dir=in | app=system |
"{74381E85-912F-4368-8C8A-BDD10A0C87AD}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{808BD6A0-B307-410D-8E37-9FA66B312E5D}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{8AC81B60-9303-4B0D-BC3B-08242A4124AA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B606098-A37B-40B5-B008-38D3240C32FB}" = lport=14323 | protocol=6 | dir=in | name=windows core service |
"{A3433D62-6B50-49E3-B957-384BB4CF8AD1}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{A7D88C78-A299-4B41-BDA7-79B6D91F4FEE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AA70BF99-C802-45D5-AD21-F1F0308A4AAE}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AFC50243-DD47-4091-8AE9-E256EB139F45}" = lport=138 | protocol=17 | dir=in | app=system |
"{BFC01F69-E164-4C65-B44E-C8B60C939447}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C914DACB-19A3-4918-ACEE-FC1ED5FFC394}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D88E6546-3048-41B2-B766-B427669CBD72}" = rport=137 | protocol=17 | dir=out | app=system |
"{D9D9C2A2-B192-4165-8AD1-AF6AB03ABB6D}" = lport=137 | protocol=17 | dir=in | app=system |
"{E4D89130-25C5-44B1-B349-3E58B2E67399}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E821DC19-985E-43AD-9C98-2E2AC3A01B19}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ED7F660A-E95E-4F22-9AF9-5962111AFEA5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F329A5B0-1857-46B3-A32D-AE35D0A93800}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F79F23A5-A660-4941-BD4C-C6C303A96846}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F9E868F0-30F4-4580-B9BA-04F377C2756C}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01195AD0-863F-4FB0-A252-DC3287F9DCEE}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{056B6E17-1BC0-4F52-AB51-A631F524C6AC}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{18138137-6044-4D9F-BF8B-FC870DF01D23}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{301A4ED4-6294-494D-8CA9-45E6F7939B30}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{452E992E-F53E-40C8-8036-B187A4F26480}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5214AD8E-D6A8-44A9-BA7A-639B53467508}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{63510D81-DA20-4745-8735-C3CD6C86BAD7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6E3D29BF-E314-433A-8881-CDE9DC2D68FD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{75023D4F-D539-46B0-90EC-E2BDBC5D7FE1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{84459230-0C1A-46DA-98A3-8AF9EC464D72}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{96F2F4BF-7178-4BF5-8499-199E0D95A504}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A31D28DF-B71A-4200-9A02-CD8467EB5E2C}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C98F1C4B-B8D2-4D5E-8440-D3D94CBD31D4}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{D2E159ED-52FB-485B-8067-D7363E430ABA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D6DB1CA1-7A9E-46EA-A869-5A63146B1B0E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D91AEE1A-991B-41EB-9E05-644BC83DC5D2}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{DBBA02E4-7ED7-49BF-A16B-60CB88CDF167}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{F72CFB95-D8D8-42D8-9925-965F54BFED16}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FDB72458-1F90-43DF-A922-B8351BF0F8A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{A33D2465-C4B8-4C61-AD38-A16701EED3CF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8F5415A3-2329-4C53-810E-CAC0B6239719}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{101A497C-7EF6-4001-834D-E5FA1C70FEFA}" = Bluetooth Win7 Suite
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{11C8528F-630F-1BDF-5208-0E1E665EAEC7}" = Catalyst Control Center InstallProxy
"{122B1825-3F1E-F7AA-157C-033A5286339B}" = Catalyst Control Center Localization All
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1398F892-730D-C334-E7F1-5584F73F3D9F}" = CCC Help Hungarian
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1895E5C2-A9F8-4757-AD7B-0E9EA8BA1C46}" = Catalyst Control Center - Branding
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E5E3218-7E21-CA40-5C99-1C3F08C18C85}" = AMD Media Foundation Decoders
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2312197F-544A-0DE9-7E78-2D7BD9C755DE}" = CCC Help Chinese Traditional
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{24B8FFCE-EECA-FF6B-5958-AC3913C5DC7D}" = ATI Catalyst Install Manager
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{386AEEC9-0994-0491-E3A8-ECCEB98B693C}" = CCC Help Czech
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A961DEF-D492-D159-05E7-AFEBD23B1443}" = CCC Help Thai
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EAAC5FD-E209-4856-8C49-D4EA40F85032}" = Mobile Connect
"{4686B678-6E39-CBB0-D2AD-753768D9482C}" = Catalyst Control Center Graphics Previews Common
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4FEB120F-8FAE-C079-F90E-69DDDFE5F24A}" = CCC Help Portuguese
"{5327C3B7-A2BD-DFF9-9AAA-6B25C205A11B}" = CCC Help Finnish
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56757C8E-7CD5-70F7-7F70-DED7C0290F17}" = CCC Help Russian
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62056544-7C76-36A4-72A2-EE64F1C659E6}" = CCC Help French
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76B97AED-4D5B-43DA-AC08-D57524FCF763}" = ESET Smart Security
"{7893F1F4-1A7A-7761-A15B-16248A91F14A}" = CCC Help Polish
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{8356465E-39A3-B863-E66D-79BC03B37879}" = CCC Help Swedish
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85905B8F-7C26-A6E2-6FE4-AA891ADF474A}" = CCC Help Danish
"{87CEDA87-B520-0F6C-0435-186697E523AB}" = ccc-utility
"{89EA0D8A-5115-CB48-4B5A-91F8A2A07CB4}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2BDD89-D2A9-70F1-0F9F-5511B4035F4E}" = CCC Help Italian
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_ENTERPRISE_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_ENTERPRISE_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2007
"{90120000-00A1-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2007
"{90120000-00BA-041B-0000-0000000FF1CE}_ENTERPRISE_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{987FD645-B12E-BCE0-723F-D99EAB70EE0B}" = AMD VISION Engine Control Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D67169F-A1FD-18D3-C503-69E0B6E7BD09}" = CCC Help Spanish
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A47900DC-2011-46C8-8E07-5BDD9D83DE47}" = ACDSee 17
"{A54C3171-046D-9C8F-EEBA-D78A5927156A}" = CCC Help Korean
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA1958B6-C964-BAE1-259C-DB4239BCEEFC}" = CCC Help German
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.14) MUI
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1C2398C-6FAB-46D1-806C-5942F0829994}" = Data Recovery Pro
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B51B7CE6-1BFF-1E08-FAE3-75AD36B9A399}" = CCC Help Japanese
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B95599E4-61B5-4589-B495-CC0E35A4DC05}" = SpyHunter
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D0B83E1B-9DDD-B169-BFA9-DF46CAB9D528}" = CCC Help Chinese Standard
"{D20EB399-E879-EB25-F5B2-1CBCBE8B27AB}" = CCC Help Turkish
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK
"{EA188C57-85BA-0AB4-D11B-2892B79EDF4D}" = CCC Help Dutch
"{EDCF6C26-F42B-EEE7-C42F-C5DD7509C1EA}" = CCC Help Norwegian
"{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup
"{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio
"{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro
"{F2207310-FE8E-CB9D-C44C-3042F966CDAD}" = CCC Help Greek
"{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO
"{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents
"{F8423392-2296-4748-9B66-344432459632}" = PureHD
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO
"{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4
"BlazeVideo HDTV Player 6.6 Standard_is1" = BlazeVideo HDTV Player 6.6 Standard
"Canon MG5300 series On-screen Manual" = Canon MG5300 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CNXT_AUDIO_HDA" = Conexant HD Audio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"DVB Dream_is1" = DVB Dream version 1.5e
"DVBViewer Pro_is1" = DVBViewer Pro
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"Grand Theft Auto III 1.1" = Grand Theft Auto III 1.1
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.1.8.1057
"Mozilla Firefox 40.0.3 (x86 cs)" = Mozilla Firefox 40.0.3 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Need for Speed Most Wanted 2012_is1" = Need for Speed Most Wanted 2012 v1.0.0.0
"PDF Password Remover v3.1_is1" = PDF Password Remover v3.1
"Simpo PDF Converter Ultimate_is1" = Simpo PDF Converter Ultimate 1.5.1.0
"SpyHunter 1.0.0" = SpyHunter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.3
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4124711928-2221199952-3497475792-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4. 9. 2015 15:39:03 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

Error - 4. 9. 2015 15:44:21 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

Error - 6. 9. 2015 15:45:03 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

Error - 6. 9. 2015 18:47:46 | Computer Name = rado | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WicaInventory.exe, verze: 6.3.9600.17204,
časové razítko: 0x54c739aa Název chybujícího modulu: clr.dll, verze: 4.0.30319.18444,
časové razítko: 0x52717e84 Kód výjimky: 0xc0000006 Posun chyby: 0x0008e681 ID chybujícího
procesu: 0x178c Čas spuštění chybující aplikace: 0x01d0e8f3e2606a9f Cesta k chybující
aplikaci: C:\Windows\system32\CompatTel\WicaInventory.exe Cesta k chybujícímu modulu:
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll ID zprávy: 4a724730-54e9-11e5-af82-b870f4f935ed

Error - 6. 9. 2015 18:47:46 | Computer Name = rado | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
z jednoho z těchto důvodů: došlo k problému s připojením k síti, s diskem, na kterém
je soubor uložen, nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo
disk chybí. Systém Windows kvůli této chybě ukončil program Windows Install Compability
Advisor Inventory Tool. Program: Windows Install Compability Advisor Inventory Tool
Soubor:
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll Hodnota chyby je uvedena v
části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může se jednat o dočasný
problém, který se při novém spuštění programu nebude opakovat. 2. Pokud k souboru
stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě ověřit, zda
nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném disku
(například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3.
Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak,
že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na
tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu
ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte, zda
lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li
se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se
žádostí o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 3

Error - 6. 9. 2015 19:00:22 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

Error - 6. 9. 2015 19:06:44 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

Error - 6. 9. 2015 19:17:11 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

Error - 7. 9. 2015 15:57:06 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

Error - 8. 9. 2015 15:37:03 | Computer Name = rado | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 30. 1. 2012 10:39:29 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 15:39:19 - Chyba při připojování k Internetu 15:39:19 - Nelze kontaktovat
server..

Error - 30. 1. 2012 11:39:37 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 16:39:37 - Chyba při připojování k Internetu 16:39:37 - Nelze kontaktovat
server..

Error - 30. 1. 2012 11:39:52 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 16:39:42 - Chyba při připojování k Internetu 16:39:42 - Nelze kontaktovat
server..

Error - 30. 1. 2012 12:39:59 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 17:39:59 - Chyba při připojování k Internetu 17:39:59 - Nelze kontaktovat
server..

Error - 30. 1. 2012 12:40:06 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 17:40:04 - Chyba při připojování k Internetu 17:40:04 - Nelze kontaktovat
server..

Error - 30. 1. 2012 13:40:12 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 18:40:11 - Chyba při připojování k Internetu 18:40:11 - Nelze kontaktovat
server..

Error - 30. 1. 2012 13:40:19 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 18:40:17 - Chyba při připojování k Internetu 18:40:17 - Nelze kontaktovat
server..

Error - 28. 7. 2015 1:13:29 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 7:13:29 - Chyba při připojování k Internetu 7:13:29 - Nelze kontaktovat
server..

Error - 28. 7. 2015 1:13:46 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 7:13:34 - Chyba při připojování k Internetu 7:13:34 - Nelze kontaktovat
server..

Error - 4. 8. 2015 2:40:07 | Computer Name = rado | Source = MCUpdate | ID = 0
Description = 8:39:33 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

[ OSession Events ]
Error - 12. 10. 2014 17:14:57 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12. 10. 2014 17:15:29 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3. 1. 2015 4:59:30 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9. 2. 2015 4:40:24 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 75
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9. 2. 2015 4:40:59 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9. 2. 2015 4:41:45 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9. 2. 2015 4:43:17 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9. 2. 2015 4:51:03 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23. 2. 2015 12:50:09 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1. 3. 2015 15:44:03 | Computer Name = rado | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8. 9. 2015 16:26:17 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 16:26:22 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 16:26:27 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 16:26:31 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 16:26:36 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 16:26:41 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 16:26:45 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 17:00:31 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 17:11:27 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 8. 9. 2015 17:11:31 | Computer Name = rado | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.


< End of report >

Re: check and removal of Win32/Ponmocup.AA

Posted: 09 Sep 2015 17:01
by Rudy
Run OTL again as administrator.
Paste the following text into the bottom window:
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\radiboy\AppData\Local\Temp\ehdrv.sys -- (eapihdrv)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (avsbpv9b)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (au7lzzc8)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2012/06/08 07:27:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\radiboy\AppData\Roaming\Mozilla\Extensions
[2015/09/06 21:59:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\radiboy\AppData\Roaming\Mozilla\Firefox\Profiles\3x8f1f81.default-1427135331899\extensions
[2015/07/13 11:11:31 | 000,095,369 | ---- | M] () (No name found) -- C:\Users\radiboy\AppData\Roaming\Mozilla\Firefox\Profiles\3x8f1f81.default-1427135331899\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
[2015/09/04 08:59:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\radiboy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O4 - HKU\S-1-5-21-4124711928-2221199952-3497475792-1000..\Run: [AdobeBridge] File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{04bd25d7-53ee-11e1-916c-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2d939a48-1be8-11e1-92d7-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{2d939a48-1be8-11e1-92d7-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{431d9547-2dee-11e1-a6b3-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{431d9547-2dee-11e1-a6b3-b870f4f935ed}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{48c0895d-1b62-11e1-9120-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{48c0895d-1b62-11e1-9120-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5e97e70d-22af-11e1-b481-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{5e97e70d-22af-11e1-b481-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5e97e710-22af-11e1-b481-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{5e97e710-22af-11e1-b481-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{81c122db-53f0-11e1-bc45-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{81c122db-53f0-11e1-bc45-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a319f790-56e6-11e1-af13-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{a319f790-56e6-11e1-af13-b870f4f935ed}\Shell\AutoRun\command - "" = G:\Setup.exe
O33 - MountPoints2\{c0693912-1b6d-11e1-85d1-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{c0693912-1b6d-11e1-85d1-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d2194ed0-3bec-11e1-b16f-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{d2194ed0-3bec-11e1-b16f-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d2194ed2-3bec-11e1-b16f-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{d2194ed2-3bec-11e1-b16f-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fa60c173-0856-11e1-b64a-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{fa60c173-0856-11e1-b64a-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fa60c17a-0856-11e1-b64a-b870f4f935ed}\Shell - "" = AutoRun
O33 - MountPoints2\{fa60c17a-0856-11e1-b64a-b870f4f935ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

:files
C:\Windows\tasks\bggmb.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\E6F93E65CB.sys
C:\ProgramData\KGyGaAvL.sys
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Click Run Fix (Opravit) and let the program work. When asked to restart, agree.
After the restart a new log will appear; post it here.

Re: check and removal of Win32/Ponmocup.AA

Posted: 10 Sep 2015 21:50
by jordi
Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\ias.dll scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: check and removal of Win32/Ponmocup.AA

Posted: 11 Sep 2015 17:02
by Rudy
Has anything changed?

Re: check and removal of Win32/Ponmocup.AA

Posted: 11 Sep 2015 20:32
by jordi
No, the ESET window still keeps popping up...

Re: check and removal of Win32/Ponmocup.AA

Posted: 11 Sep 2015 20:48
by Rudy
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: check and removal of Win32/Ponmocup.AA

Posted: 11 Sep 2015 21:48
by jordi
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11. 9. 2015
Čas skenování: 22:03
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.11.06
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: radiboy

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 323580
Uplynulý čas: 44 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: check and removal of Win32/Ponmocup.AA

Posted: 12 Sep 2015 10:08
by Rudy
According to MBAM your PC is clean. Where did ESET find it?

Re: check and removal of Win32/Ponmocup.AA

Posted: 12 Sep 2015 15:07
by jordi
The scan finds it nowhere, there is only the message shown in the picture in the first post. In operating memory...

It keeps popping up continuously while the PC is running.