
Log check

No problem with your PC at the moment and you just want to make sure everything is in order?
Post a log from FRST or RSIT.

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: Log check

#16 Post by rudy630 »

RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Ruda [Práva správce]
Mód : Odebrat -- Datum : 10/13/2013 22:01:38
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - Hitachi HTS545050A7E380 +++++
--- User ---
[MBR] 2ff5a43e8b452a662c1f359f901b48d8
[BSP] bba2640739bebc08ddcb12c9f428b43f : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10132013_220138.txt >>
RKreport[0]_D_10132013_215929.txt;RKreport[0]_S_10132013_213153.txt;RKreport[0]_S_10132013_220110.txt

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: Log check

#17 Post by rudy630 »

RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Ruda [Práva správce]
Mód : Oprava HOSTS -- Datum : 10/13/2013 22:04:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_10132013_220419.txt >>
RKreport[0]_D_10132013_215929.txt;RKreport[0]_D_10132013_220138.txt;RKreport[0]_S_10132013_213153.txt
RKreport[0]_S_10132013_220110.txt

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: Log check

#18 Post by rudy630 »

RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Ruda [Práva správce]
Mód : Odebrat -- Datum : 10/13/2013 22:01:38
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - Hitachi HTS545050A7E380 +++++
--- User ---
[MBR] 2ff5a43e8b452a662c1f359f901b48d8
[BSP] bba2640739bebc08ddcb12c9f428b43f : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10132013_220138.txt >>
RKreport[0]_D_10132013_215929.txt;RKreport[0]_S_10132013_213153.txt;RKreport[0]_S_10132013_220110.txt

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: Log check

#19 Post by rudy630 »

RogueKiller V8.7.2 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Ruda [Práva správce]
Mód : Kontrola -- Datum : 10/13/2013 22:01:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[FF][PROXY] 5187wu0d.default : user_pref("network.proxy.type", 2); -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - Hitachi HTS545050A7E380 +++++
--- User ---
[MBR] 2ff5a43e8b452a662c1f359f901b48d8
[BSP] bba2640739bebc08ddcb12c9f428b43f : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 476940 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10132013_220110.txt >>
RKreport[0]_D_10132013_215929.txt;RKreport[0]_S_10132013_213153.txt

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Log check

#20 Post by Márty84 »

Post a new log from RSIT

and in addition

Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Spustit jako správce (Run as administrator).
Tick the checkboxes for Pro všechny uživatele (For all users), Kontrola na havěť "LOP" (LOP check) and Kontrola na havěť "Purity" (Purity check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat (Scan).
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both of them here (if they are long, split them across several posts).

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: Log check

#21 Post by rudy630 »

O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: LastPass - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass vyplňování formulářů - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=fillforms
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://www.asus.com/support/asusTek_sys_ctrl3.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{E557249B-EC4D-4E00-9A90-D94FCB0F2C10}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB650A0A-9E1B-4002-8743-32FA3FD63317}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\windows\syswow64\nvinit.dll c:\windows\syswow64\nvinit.dll, c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kingsoft Core Service (kxescore) - Unknown owner - c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14410 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 3853600
\??\C:\Windows\system32\conhost.exe "178188631213183932181419633274-94903716984927946526737234-7461787691525516392
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\iWin Games\iWinTrusted.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 2236
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 2920
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
taskeng.exe {070B2759-5901-4549-9ADF-79163F61AA30}
"C:\Windows\system32\Dwm.exe"
ATKOSD.exe
C:\Windows\Explorer.EXE
KBFiltr.exe
WDC.exe
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
taskeng.exe {DADEE42A-000C-4E5C-90E3-9AB0A6F90C46}
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Windows\SysWOW64\C2MP\UpdateChecker.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 5548
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Users\Ruda\AppData\Local\Plus500\main\InvestSoftProject.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe" "Microsoft Word Starter 2010 9014006604050000" /n /f "E:\pečivo\Pizza housky.wiz"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6572 CREDAT:3675547 /prefetch:2
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe" /start IDLE_APP_EVENT_{90140011-0066-0405-0000-0000000FF1CE}
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6572 CREDAT:3544474 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-841361005-909514878-2309378359-1002168_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-841361005-909514878-2309378359-1002168 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 816 820 828 65536 824
"C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JEV7P060\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe170_ Global\UsGthrCtrlFltPipeMssGthrPipe170 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
C:\Windows\tasks\C__Users_Ruda_Downloads_tvonline.exe.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0]
"Description"=Exent® AOD Gecko Plugin
"Path"=C:\Program Files (x86)\Free Ride Games\npExentCtl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@kingsfot.com/npkws]
"Description"=npkws
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@lastpass.com/NPLastPass]
"Description"=
"Path"=C:\Program Files (x86)\LastPass\nplastpass.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\www.exent.com/GameTreatWidget]
"Description"=
"Path"=C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@lastpass.com/NPLastPass]
"Description"=
"Path"=C:\Program Files (x86)\LastPass\nplastpass64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\
support@lastpass.com
trash
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\
aol-search.xml
firmycz.xml
hellspy.xml
mapycz.xml
webwebweb.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-09-24 919552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF2573AE-E1ED-40e1-83BA-F544CB2EE135}]
DownloadHelper Class - C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll [2011-01-07 905216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-09-20 997144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F0B6B9B-6342-4E2F-ABF5-C40B94320622}]
YoutubeMP3ConverterBHO Class - C:\Program Files (x86)\YoutubeMP3Converter\yt2convmp3.dll [2011-08-28 107008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-09 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-05-31 52352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-09-24 613376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-09 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF2573AE-E1ED-40e1-83BA-F544CB2EE135}]
DownloadHelper Class - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll [2011-01-07 626688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-09-20 872728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-09-24 919552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-09-24 613376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-22 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-22 398616]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-02-19 2661672]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-05-26 361984]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [2012-05-31 1023616]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [2012-05-31 801920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-09-24 1612504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat]
C:\Users\Ruda\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [2012-08-03 740736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
C:\Program Files\CCleaner\CCleaner64.exe [2013-08-21 6294808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Ruda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2013-08-04 2532352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linguarde]
C:\Program Files (x86)\Linguarde\linguarde.exe -m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tv-Plug-In]
C:\Program Files (x86)\Tv-Plug-In\Tv-Plug-In.exe nogui []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-26 291608]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-04-02 5138032]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-22 102568]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-02-03 2321072]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-06-19 174752]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodecPackUpdateChecker.lnk - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
Install LastPass FF RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe
Install LastPass IE RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-22 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-13 00:10:41 ----D---- C:\Program Files (x86)\trend micro
2013-10-12 23:46:24 ----DC---- C:\rsit
2013-10-12 23:46:24 ----D---- C:\Program Files\trend micro
2013-10-11 10:53:46 ----A---- C:\Windows\system32\wdfcoinstaller01011.dll
2013-10-11 10:53:46 ----A---- C:\Windows\system32\drivers\XHCIdrv.sys
2013-10-11 00:21:52 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 00:21:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 10:54:21 ----HDC---- C:\VTRoot
2013-10-10 01:04:58 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2013-10-10 00:52:09 ----A---- C:\Windows\system32\drivers\fvstore.dat
2013-10-09 23:47:13 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-10-09 23:39:23 ----A---- C:\Windows\system32\drivers\sfi.dat
2013-10-09 23:37:02 ----SD---- C:\ProgramData\Shared Space
2013-10-09 23:36:07 ----D---- C:\ProgramData\COMODO
2013-10-09 23:35:51 ----D---- C:\Program Files\COMODO
2013-10-09 23:35:15 ----D---- C:\Program Files (x86)\Comodo
2013-10-09 23:35:07 ----D---- C:\ProgramData\Comodo Downloader
2013-10-09 17:14:32 ----D---- C:\ProgramData\LogMeIn
2013-10-09 16:57:42 ----D---- C:\Windows\Sun
2013-10-09 16:56:21 ----D---- C:\ProgramData\Oracle
2013-10-09 16:55:59 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-09 16:55:51 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-09 16:55:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-09 16:55:51 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-09 16:55:43 ----D---- C:\Program Files (x86)\Java
2013-10-09 16:32:08 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-09 16:31:25 ----D---- C:\Program Files\AVAST Software
2013-10-09 16:30:37 ----D---- C:\ProgramData\AVAST Software
2013-10-09 14:38:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-09 14:38:58 ----A---- C:\Windows\system32\ieui.dll
2013-10-09 14:38:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-09 14:38:56 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-09 14:38:56 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-09 14:38:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-09 14:38:56 ----A---- C:\Windows\system32\iesetup.dll
2013-10-09 14:38:56 ----A---- C:\Windows\system32\iernonce.dll
2013-10-09 14:38:56 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-09 14:38:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-09 14:38:55 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 14:38:55 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-09 14:38:54 ----A---- C:\Windows\system32\iertutil.dll
2013-10-09 14:38:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-09 14:38:53 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-09 14:38:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-09 14:38:52 ----A---- C:\Windows\system32\jscript.dll
2013-10-09 14:38:51 ----A---- C:\Windows\system32\jscript9.dll
2013-10-09 14:38:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-09 14:38:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-09 14:38:49 ----A---- C:\Windows\system32\urlmon.dll
2013-10-09 14:38:48 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-09 14:38:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-09 14:38:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-09 14:38:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-09 14:38:46 ----A---- C:\Windows\system32\wininet.dll
2013-10-09 14:38:45 ----A---- C:\Windows\system32\ieframe.dll
2013-10-09 14:38:43 ----A---- C:\Windows\system32\mshtml.dll
2013-10-09 14:38:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-09 14:15:30 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-09 14:15:30 ----A---- C:\Windows\system32\atmfd.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\lpk.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\fontsub.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\dciman32.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\atmlib.dll
2013-10-09 14:15:28 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-09 14:15:28 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 14:15:27 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 14:15:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-09 14:15:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-09 14:15:25 ----A---- C:\Windows\system32\advapi32.dll
2013-10-09 14:15:24 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-09 14:15:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-09 14:15:24 ----A---- C:\Windows\system32\tdh.dll
2013-10-09 14:15:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-09 14:15:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-09 14:15:23 ----A---- C:\Windows\system32\wow64.dll
2013-10-09 14:15:23 ----A---- C:\Windows\system32\ntdll.dll
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-09 14:15:20 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-09 14:15:15 ----A---- C:\Windows\system32\mswsock.dll
2013-10-09 14:15:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-09 14:15:15 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-09 14:15:14 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-09 14:15:13 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-09 14:15:13 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-09 14:15:13 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-09 14:15:13 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-09 14:15:13 ----A---- C:\Windows\system32\davclnt.dll
2013-10-09 14:15:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-09 14:15:11 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-09 14:15:09 ----A---- C:\Windows\system32\win32k.sys
2013-10-09 14:15:09 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-10-09 14:15:08 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:15:08 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:15:08 ----A---- C:\Windows\system32\comctl32.dll
2013-10-09 14:15:07 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-09 14:15:07 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-09 14:13:13 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-08 13:47:57 ----D---- C:\Program Files (x86)\TV Online
2013-10-07 00:45:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-07 00:12:44 ----D---- C:\Users\Ruda\AppData\Roaming\MindSpec
2013-10-07 00:12:31 ----D---- C:\ProgramData\MindSpec
2013-10-07 00:12:29 ----D---- C:\Program Files (x86)\Linguarde
2013-10-06 11:35:59 ----DC---- C:\Downloads
2013-10-04 18:53:53 ----RD---- C:\Program Files (x86)\Skype
2013-10-02 18:46:09 ----A---- C:\Windows\SYSWOW64\test.dat
2013-10-02 18:41:22 ----D---- C:\Users\Ruda\AppData\Roaming\uTorrent
2013-10-02 00:13:27 ----D---- C:\Users\Ruda\AppData\Roaming\Zoner
2013-10-02 00:13:23 ----D---- C:\ProgramData\Zoner
2013-10-01 23:37:01 ----D---- C:\Users\Ruda\AppData\Roaming\RocketPDF
2013-10-01 23:29:11 ----D---- C:\Program Files (x86)\UnZIPExpress
2013-09-29 21:43:58 ----D---- C:\Program Files (x86)\Maxthon
2013-09-29 20:05:43 ----D---- C:\Users\Ruda\AppData\Roaming\JLC's Software
2013-09-29 20:05:28 ----D---- C:\Program Files (x86)\JLC's Software
2013-09-28 17:04:32 ----DC---- C:\Shoty
2013-09-28 15:04:41 ----D---- C:\Program Files (x86)\ScreenShots
2013-09-28 10:04:48 ----D---- C:\Program Files (x86)\logview4net
2013-09-27 21:03:30 ----D---- C:\Program Files (x86)\Gadwin Systems
2013-09-26 23:51:38 ----D---- C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-09-26 23:51:35 ----D---- C:\Program Files (x86)\DirectVobSub
2013-09-26 23:51:11 ----D---- C:\Program Files (x86)\LAV Filters
2013-09-26 23:50:43 ----A---- C:\Windows\SYSWOW64\unins000.exe
2013-09-26 23:46:56 ----D---- C:\Program Files (x86)\DCoder Image Source
2013-09-26 23:46:51 ----D---- C:\Program Files (x86)\7-Zip
2013-09-26 23:46:45 ----D---- C:\Program Files (x86)\FFMPEG Core Files
2013-09-26 23:46:30 ----D---- C:\Program Files (x86)\CD Audio Reader Filter
2013-09-26 23:46:29 ----D---- C:\Program Files (x86)\OpenSource AVI Splitter
2013-09-26 23:46:05 ----D---- C:\Program Files (x86)\Gabest MPEG Splitter
2013-09-26 23:46:03 ----D---- C:\Program Files (x86)\OpenSource DTSAC3DD+ Source Filter
2013-09-26 23:46:02 ----D---- C:\Program Files (x86)\DScaler5
2013-09-26 23:45:33 ----D---- C:\Program Files (x86)\AC3Filter
2013-09-26 23:45:14 ----D---- C:\Program Files (x86)\MadVR
2013-09-26 23:44:55 ----D---- C:\Program Files (x86)\Bass Audio Decoder
2013-09-25 23:11:59 ----D---- C:\Program Files (x86)\IrfanView
2013-09-25 00:48:14 ----D---- C:\Users\Ruda\AppData\Roaming\Gest
2013-09-24 22:07:49 ----D---- C:\Users\Ruda\AppData\Roaming\vlc
2013-09-24 19:18:14 ----D---- C:\Program Files (x86)\FileASSASSIN
2013-09-24 16:29:44 ----D---- C:\Program Files (x86)\ManualAttaching_unpack_LS2013
2013-09-24 15:06:14 ----D---- C:\Program Files (x86)\LastPass
2013-09-24 11:54:14 ----A---- C:\Windows\system32\drivers\inspect.sys
2013-09-24 11:54:12 ----A---- C:\Windows\system32\drivers\cmdhlp.sys
2013-09-24 11:54:12 ----A---- C:\Windows\system32\drivers\cmdguard.sys
2013-09-24 11:54:12 ----A---- C:\Windows\system32\drivers\cmderd.sys
2013-09-24 11:53:54 ----A---- C:\Windows\system32\cmdcsr.dll
2013-09-24 11:53:52 ----A---- C:\Windows\SYSWOW64\guard32.dll
2013-09-24 11:53:52 ----A---- C:\Windows\system32\guard64.dll
2013-09-24 11:53:42 ----A---- C:\Windows\system32\cmdvrt64.dll
2013-09-24 11:53:40 ----A---- C:\Windows\system32\cmdkbd64.dll
2013-09-24 11:53:36 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2013-09-24 11:53:36 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2013-09-23 22:59:20 ----D---- C:\Users\Ruda\AppData\Roaming\NVIDIA
2013-09-21 20:56:00 ----D---- C:\Program Files (x86)\IDOS
2013-09-19 16:48:22 ----D---- C:\Users\Ruda\AppData\Roaming\pyramidak
2013-09-19 12:29:45 ----D---- C:\Users\Ruda\AppData\Roaming\Media Player Classic
2013-09-19 11:26:08 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2013-09-19 01:49:43 ----D---- C:\Windows\SoftwareDistribution
2013-09-17 11:57:31 ----D---- C:\ProgramData\VSO
2013-09-17 11:57:31 ----D---- C:\Program Files (x86)\VSO
2013-09-16 23:34:41 ----D---- C:\Program Files\Microsoft Research
2013-09-16 19:26:37 ----D---- C:\Users\Ruda\AppData\Roaming\Digiarty
2013-09-15 22:37:23 ----D---- C:\Users\Ruda\AppData\Roaming\HellSpy.cz Download Manager

======List of files/folders modified in the last 1 month======

2013-10-14 20:12:54 ----D---- C:\Users\Ruda\AppData\Roaming\Skype
2013-10-14 17:27:03 ----D---- C:\Windows\inf
2013-10-14 17:27:03 ----D---- C:\Windows
2013-10-14 17:27:02 ----D---- C:\Windows\temp
2013-10-14 10:24:17 ----D---- C:\Windows\system32\config
2013-10-14 00:34:26 ----D---- C:\Windows\winsxs
2013-10-14 00:24:23 ----SHD---- C:\Windows\Installer
2013-10-14 00:24:10 ----D---- C:\Program Files (x86)\Common Files
2013-10-14 00:23:56 ----D---- C:\Windows\System32
2013-10-14 00:23:49 ----D---- C:\Windows\system32\drivers
2013-10-14 00:23:01 ----SHD---- C:\System Volume Information
2013-10-13 21:59:29 ----D---- C:\Windows\Tasks
2013-10-13 21:59:29 ----D---- C:\Windows\system32\Tasks
2013-10-13 21:21:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-13 21:18:31 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-13 21:16:08 ----D---- C:\ProgramData\NVIDIA
2013-10-13 21:14:30 ----DC---- C:\AdwCleaner
2013-10-13 21:14:21 ----RD---- C:\Program Files (x86)
2013-10-13 17:28:29 ----D---- C:\Program Files (x86)\Cool Smiley Bar for Facebook
2013-10-12 23:46:24 ----RD---- C:\Program Files
2013-10-12 21:18:38 ----D---- C:\Windows\registration
2013-10-12 15:53:40 ----D---- C:\Windows\Prefetch
2013-10-12 00:28:21 ----D---- C:\Windows\SysWOW64
2013-10-11 10:54:26 ----D---- C:\Windows\system32\catroot
2013-10-11 10:54:25 ----D---- C:\Windows\system32\DriverStore
2013-10-09 23:37:02 ----D---- C:\ProgramData
2013-10-09 20:21:35 ----D---- C:\Windows\Panther
2013-10-09 20:21:35 ----D---- C:\Windows\debug
2013-10-09 18:36:27 ----D---- C:\Windows\rescache
2013-10-09 18:05:07 ----RSD---- C:\Windows\assembly
2013-10-09 18:05:07 ----D---- C:\Windows\Microsoft.NET
2013-10-09 16:55:45 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-10-09 16:55:45 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-10-09 14:44:18 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-09 14:44:15 ----D---- C:\Program Files\Internet Explorer
2013-10-09 14:44:05 ----D---- C:\Windows\AppPatch
2013-10-09 14:44:00 ----D---- C:\Windows\system32\cs-CZ
2013-10-09 14:39:26 ----D---- C:\Windows\system32\catroot2
2013-10-09 14:35:55 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-09 14:30:44 ----D---- C:\Windows\system32\MRT
2013-10-09 14:25:47 ----A---- C:\Windows\system32\MRT.exe
2013-10-09 13:15:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-09 12:56:09 ----D---- C:\Program Files\Recuva
2013-10-08 13:48:11 ----SHDC---- C:\AI_RecycleBin
2013-10-08 13:48:11 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-10-08 13:47:07 ----D---- C:\Users\Ruda\AppData\Roaming\TV Online
2013-10-07 22:40:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-07 22:39:47 ----D---- C:\Users\Ruda\AppData\Roaming\SoftGrid Client
2013-10-06 23:39:34 ----D---- C:\Windows\ModemLogs
2013-10-05 22:54:27 ----D---- C:\Users\Ruda\AppData\Roaming\Q-Dir
2013-10-04 18:54:09 ----D---- C:\ProgramData\Skype
2013-10-02 22:05:04 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 19:45:07 ----AD---- C:\ProgramData\Temp
2013-10-01 19:37:57 ----A---- C:\Windows\SYSWOW64\ssins.exe
2013-09-30 23:43:13 ----D---- C:\ProgramData\Microsoft Help
2013-09-27 15:31:57 ----D---- C:\Users\Ruda\AppData\Roaming\PhotoScape
2013-09-26 23:50:45 ----D---- C:\Windows\SYSWOW64\languages
2013-09-26 00:10:44 ----D---- C:\Users\Ruda\AppData\Roaming\IrfanView
2013-09-24 22:04:10 ----D---- C:\Program Files (x86)\VideoLAN
2013-09-24 16:44:03 ----D---- C:\ProgramData\SystemExplorer
2013-09-24 15:34:08 ----D---- C:\Program Files\CCleaner
2013-09-24 13:31:32 ----D---- C:\Windows\system32\wfp
2013-09-24 13:31:24 ----D---- C:\Windows\system32\wbem
2013-09-24 13:29:17 ----D---- C:\Windows\system32\Msdtc
2013-09-24 13:29:14 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-24 13:28:41 ----D---- C:\ProgramData\P4G
2013-09-24 13:27:51 ----D---- C:\Contacts
2013-09-24 00:25:16 ----D---- C:\Windows\LiveKernelReports
2013-09-21 17:03:06 ----D---- C:\Windows\SYSWOW64\custom matrices
2013-09-21 17:03:04 ----D---- C:\Windows\SYSWOW64\C2MP
2013-09-21 17:03:02 ----D---- C:\Windows\system32\Macromed
2013-09-21 16:53:13 ----RHD---- C:\MSOCache
2013-09-17 12:36:19 ----D---- C:\Windows\SYSWOW64\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
R0 kavbootc;kavbootc; C:\Windows\system32\drivers\kavbootc64.sys [2013-03-08 31848]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-09-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-09-24 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-09-24 48872]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-09-24 96800]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 kisknl;kisknl; \??\C:\Windows\system32\drivers\kisknl.sys [2013-03-08 221496]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-05-31 36480]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-11 2801664]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-05-31 341120]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-05-31 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-05-31 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-05-31 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-05-31 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-05-31 281472]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-05-31 551040]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-22 14692224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-12-23 104048]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-03-23 2193008]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 KDHacker;KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-04-12 35968]
S3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-04-12 16512]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\combofix\catchme.sys []
S3 dcdbas;System Management Driver; C:\Windows\system32\DRIVERS\dcdbas64.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2013-04-22 21712]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
S3 MsgPlusDriver;Messenger Plus! Virtual Camera; C:\Windows\system32\DRIVERS\MsgPlusDriver.sys []
S3 PCWinSoft;ScreenCamera Video Camera; C:\Windows\system32\DRIVERS\scrcamhrdrv_x64.sys [2012-10-11 241800]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Serial Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-05-31 119424]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-09-24 6253640]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 2746704]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 iWinTrusted;iWinTrusted; C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2013-08-02 177320]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-29 277784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-03-23 27760]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S2 kxescore;Kingsoft Core Service; c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe /service kxescore []
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-22 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-07 118680]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: log check

#22 Post by Márty84 »

That log isn't complete :?:
If you have a question that is not meant for the public, you can email me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an email address in their signature).

rudy630
Visitor
Posts: 94
Joined: 12 Oct 2013 14:36

Re: log check

#23 Post by rudy630 »

OTL Extras logfile created on: 14.10.2013 20:34:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ruda\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,89 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 39,02% Memory free
7,77 Gb Paging File | 4,62 Gb Available in Paging File | 59,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 76,49 Gb Free Space | 41,06% Space Free | Partition Type: NTFS
Drive D: | 254,14 Gb Total Space | 253,05 Gb Free Space | 99,57% Space Free | Partition Type: NTFS

Computer Name: RUDA-PC | User Name: Ruda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = DragonHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = DragonHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\SOFTWARE\Classes\<extension>]
.html [@ = Max3.Association.HTML] -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Value error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Comodo\Dragon\dragon.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Value error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0744D153-444E-49B2-9E5D-1074500C0A7D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{08DC4BD8-F582-4CF2-8734-3CCBC29C688E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0911A85F-CB36-4217-A21F-B825A0B81888}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0EA9E516-4B37-4826-8BD9-58C5CE44F9B7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{11341558-43B6-4C61-8CF2-79EA0E656E39}" = rport=10243 | protocol=6 | dir=out | app=system |
"{144DDABD-61C0-4042-8335-8528FA87738A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C8CBF9C-8E55-4866-8E8C-4078497C8AD8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{207BDDF6-EF7E-4C8D-BD86-4888C61BE220}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24EEF1A9-F0E2-411C-A180-280342EF3E32}" = lport=445 | protocol=6 | dir=in | app=system |
"{2E1368A4-53D9-4D33-BA26-CDA203AE650B}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{30D44992-7A96-4946-B011-A1EC6BB29EFF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3181C3EA-C96D-421D-A4A2-4F0A7CF7C74C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{359B309F-80E2-49C2-B18F-835DA5E9376D}" = lport=80 | protocol=6 | dir=in | app=system |
"{3A04A3F2-8728-49FF-B485-47E754F0613C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3E99CDAA-4544-412C-8994-1867B9468B28}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{421A0B76-CD0B-4B90-9544-F5AD9487539C}" = rport=138 | protocol=17 | dir=out | app=system |
"{49AA3A50-EFFD-4DDB-8CEE-CEF980B5CCD1}" = rport=445 | protocol=6 | dir=out | app=system |
"{50409E32-1552-4E14-B00E-401E914239D3}" = lport=10244 | protocol=6 | dir=in | app=system |
"{50436E11-5A3A-4864-82DA-2A76D2805E1F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{529E8B8A-F509-41DF-9071-0E8E693A470C}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{5A49A90C-C41F-4B00-A5B5-53C843BDDAC5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5D1B7129-6D48-4FD5-9821-F2F2D5F62A85}" = lport=10243 | protocol=6 | dir=in | app=system |
"{62C16727-84ED-45F2-89F5-F479C2B8B2E1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{632549BC-B630-46E8-A163-30B15F4FBC29}" = lport=139 | protocol=6 | dir=in | app=system |
"{694C2AB4-C372-4551-9C82-E03576DBDC19}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6E495D52-70F2-408E-97EB-99DC39845C7D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7688E6E5-AF06-4970-9D06-90225EB447AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7842D0EC-674E-4EB9-B51C-A1C43F501BDF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7A580395-7D99-4DC7-8891-333513E3E890}" = rport=139 | protocol=6 | dir=out | app=system |
"{7D4AACA7-0471-4251-9A39-D1D032494966}" = lport=443 | protocol=6 | dir=in | app=system |
"{7F4A5470-6DD5-484B-80ED-64E55D6AB8D9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8126FA07-3414-45F5-AF6E-B2A858B10EA3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{906ADF88-2B84-43D3-B148-76FFA8F08455}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4A0DED3-DFF6-4997-B07F-A2DDBAD66E6F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B534AEEC-7588-4227-BB36-3AF019B83B22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B8730023-DBA3-4014-BA42-5B5DBF5BD8DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C29FAB61-EE1B-406B-AABD-8E550B0E2BDA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2DA009A-BC9F-46DC-928E-218538C7F173}" = lport=138 | protocol=17 | dir=in | app=system |
"{D6E4CB19-E019-437A-8E4D-D61E9B75D7E7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D866CE4B-CCD4-4B33-97AA-0A0855553A8A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC50F17C-B2F5-453C-939B-C0BD48182BFF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD31C3CB-C451-492F-B843-8148874C13D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DEA25F71-1734-42F9-974C-AE8E84B27B14}" = lport=3390 | protocol=6 | dir=in | app=system |
"{DF795AAB-1B57-4239-935E-29BA48EC5A3C}" = lport=137 | protocol=17 | dir=in | app=system |
"{E6B5845C-95BE-4D32-8FAA-F8F67D7819F8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F798B5FF-23BD-40CA-909B-E4DEBC0B501C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FAD5E10D-106E-40A1-8B32-7AAAECC83F05}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FBC7721B-4BAB-4E5C-842A-50610C7E9EDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD39A26E-6D18-4270-A4CD-4B60452E1A62}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD9E1A09-54B7-40CC-A258-8FEA0E56A4F9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041CC774-838E-4DA6-95B8-9564D9B0FB83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0A4BBD89-792B-4431-8FE0-39CBB70400B8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0DDED3AC-BC86-46E0-85AA-188B3F37EB0E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0E05A03D-D4E6-41B1-9AA9-02DF347A9E56}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{17867C5E-052C-44D1-8D08-A38E69D2C3CA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{227324C7-C619-492A-A138-BD4B2388E457}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{27FCF242-42E8-42BF-AA16-EB3F325F56BE}" = protocol=6 | dir=out | app=system |
"{2939D4CD-ADE0-44B4-9680-BA7B96A934E9}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{2A254E2E-66F6-405F-8A35-2F78F7F5D3A8}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{2BA56C02-34D5-4714-99F4-A4959DBBB3EF}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{2C0B0CE2-2628-4F79-B105-F1D17CAE0EB6}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{2C138918-8A6B-4146-ABAA-5DB549C965D6}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{2EF16026-7CF7-40F4-829A-6586E60B024B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{316A2D2C-805C-4685-9B37-14484F997A6A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{346A2F2E-74D1-494E-9645-2079140F0F05}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3FA37437-0B9F-49E0-9366-A28B6BEFCBBE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40F08D55-33C7-4B5C-86B1-185D679F5191}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4A10DCD8-A039-4216-8899-10C2B0151C58}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{53FAF6B5-2F61-44FF-AF5E-FDB53DCFD72F}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe |
"{5BA75B98-4977-4429-8894-0BA95ADD399F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5BB1574F-6C90-4CCE-B0C0-C4CA1EFAB72F}" = dir=in | app=c:\users\ruda\appdata\local\microsoft\skydrive\skydrive.exe |
"{61A15846-B1D2-4CBE-BD62-5B191E892B84}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{66ACF234-A99C-4877-B883-99414D5CA1A9}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{691AB38C-8AA1-4584-A3F4-35A7DC2252B2}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe |
"{6AE788F7-70BC-4BB9-8354-AC3F98945EFF}" = dir=in | app=c:\program files (x86)\tv online\tv online\tv online.exe |
"{7B438894-3C3A-4197-AEDA-5EDEBD592DD1}" = dir=in | app=c:\program files (x86)\tv online\tv online\data\updater.exe |
"{7F9B640F-9396-45B2-98C9-8B1CA3CC8442}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B61785C-3D52-4114-BFB8-74B82FDC2983}" = protocol=17 | dir=in | app=c:\users\ruda\appdata\roaming\utorrent\utorrent.exe |
"{90F4BCA1-1ED3-473F-B678-77774EEE86C7}" = dir=in | app=c:\users\ruda\appdata\local\microsoft\skydrive\skydrive.exe |
"{9717B37D-7A7D-4736-B166-82E2399C7AD6}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{9CBE51EB-F9B6-4EE2-BC50-DFAC4F08292D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D7275E7-2DB0-415B-8D51-E671797CA718}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A29D428C-41B6-42E2-8269-40E06728B9AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AAD3F4D9-7242-4D6A-BF43-4ABF6159F167}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{AC9B06A3-0A9E-4170-B109-B3557A2C0B4E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B6DF7291-F797-4B9B-83CE-C424BD02E42F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BABF80A1-C083-44AC-B071-616028FCF8AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C8F1AE15-F8C3-4202-980C-EBC45385F310}" = protocol=6 | dir=in | app=c:\users\ruda\appdata\roaming\utorrent\utorrent.exe |
"{CADE7985-1639-4C5E-AD9F-CDA2F5F7335F}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{D17F55C8-D49C-4CFA-907F-520B7F2C59BB}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{D2671343-C3A3-49A2-9CBF-B6E5710588D9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E74FBF4F-545C-458E-A528-86B14C6887E8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EBEDC76C-A309-46F6-806E-581D96DA079A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0C3CAC7-8018-4BCA-9615-A31D3A45A468}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F9B1B095-B00B-417B-9EAA-BCE21B7CEC81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA712F77-0DCD-4109-AB18-894B70105FC3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FEF5ADE5-B09C-4506-893D-5BA7617228E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0B2B5323-A642-4D0F-989D-619B4877D29C}C:\users\ruda\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\ruda\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{844E9D0B-BCF4-4408-84F5-934B4B653613}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{AB3BFDD5-BDA9-4669-B171-04867DD5E02B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{ABE74A15-E04A-4881-8A02-492B37E06195}C:\users\ruda\desktop\odorik.exe" = protocol=6 | dir=in | app=c:\users\ruda\desktop\odorik.exe |
"TCP Query User{BCC8A6B1-02AF-4ECC-99E7-A4AD98316C82}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{C0E59EC1-571E-41F4-82DE-4811EF5D1FE1}C:\program files (x86)\asus\asusvibe\asusvibe2.0.exe" = protocol=6 | dir=in | app=c:\program files (x86)\asus\asusvibe\asusvibe2.0.exe |
"TCP Query User{C8AE922F-AC9D-4A22-B6DF-94EEFE3E8ED0}C:\users\ruda\downloads\odorik.exe" = protocol=6 | dir=in | app=c:\users\ruda\downloads\odorik.exe |
"UDP Query User{5AC710AF-B2A6-41C9-99A0-C08AC300CC7C}C:\users\ruda\desktop\odorik.exe" = protocol=17 | dir=in | app=c:\users\ruda\desktop\odorik.exe |
"UDP Query User{64934395-FB05-45ED-9115-4EFF53A0A065}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{71109C3F-567D-4C66-8613-DA9907DB21C5}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{85B00424-1AF6-4568-B96F-7F1E1D43DBA6}C:\program files (x86)\asus\asusvibe\asusvibe2.0.exe" = protocol=17 | dir=in | app=c:\program files (x86)\asus\asusvibe\asusvibe2.0.exe |
"UDP Query User{BB1033FC-FB64-4506-9453-AABCB3CF1619}C:\users\ruda\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\ruda\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{C1C730AE-BF4A-4882-A19A-987E04EC0C60}C:\users\ruda\downloads\odorik.exe" = protocol=17 | dir=in | app=c:\users\ruda\downloads\odorik.exe |
"UDP Query User{EFB3F90C-ABB2-4B5E-BB6A-4F5BEB02800B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{093F13A3-177C-493E-8958-912A0C690B64}" = COMODO Internet Security Premium
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{16C7D2AD-20CA-491E-80BC-8607A9AACED9}" = Microsoft Web Platform Installer 4.6
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{92A49BB2-0039-470F-82F8-A599BF5C4410}" = IE Download Helper
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 311.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 311.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 10.5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"myBitCast" = myBitCast 1.0.0.3
"Recuva" = Recuva

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{023701CB-8DC0-477C-93B7-48CCE446B678}" = Windows Live Writer Resources
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0496AEAF-27A8-483A-ACB0-BF4B4D51F148}" = Windows Live Mail
"{049B10C4-9243-633C-3407-5F64DE93520C}_is1" = ManualAttaching_unpack_LS2013 version for Windows
"{04E45BA7-B4F8-4FA8-A89A-FA0C56CE3E66}" = Windows Live Family Safety
"{05C0B4A9-DF70-4C05-BAEF-E21CFF3E7C7C}" = Movie Maker
"{078F45F3-4A17-47BA-8309-0B287198FFFA}" = Windows Live Essentials
"{08466673-3905-4437-93E8-34A221B7CA4E}" = Fotogaléria
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09823CA9-A1B1-42FC-A759-AD844E7C0B0D}" = Windows Live Family Safety
"{09DF9412-8F90-4162-B671-50C0972A3511}" = Windows Live Family Safety
"{0B2DD869-32D0-4AED-99B7-1DD10A434733}" = Windows Live Writer Resources
"{0C22AFC1-F5B5-4FC5-B620-0326D4AE1053}" = Windows Live UX Platform Language Pack
"{0C252A38-F134-4AE1-B8B1-239062FCA9F4}" = Windows Live Writer
"{0D25A2DD-C738-4D43-885E-15CAA30E9D16}" = Movie Maker
"{0F51F5B3-D447-4FAA-AAC2-7F2ED103FCC7}" = Windows Live Mail
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{106C581A-4CFB-499E-896F-78AB1CFE34C1}" = Photo Common
"{140754E1-C019-44A9-A81B-2D7625AABE8A}" = Photo Common
"{158F08C7-7ACE-40D2-A9C3-5818A3EBA23E}_is1" = Linguarde 2.5.2
"{15F16DD9-670C-4B8F-9F92-BC358AB814BD}" = Windows Live Family Safety
"{192A227B-A8C8-4C6D-B939-21FAEB007E1E}" = Google Drive
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{207DA277-6A6D-4863-B535-129931D2BB21}" = Galeria fotografii
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21DB4773-B510-45A8-A929-C1A625A911AB}" = Foto-galerija
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{28950295-A98C-4081-AC82-045E9879945E}" = Windows Live UX Platform Language Pack
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{2F2363F9-102C-448B-8E3E-02FCFE78A28D}" = Movie Maker
"{2FA07102-825A-4C7E-8C2A-9991FF1A92FF}" = Windows Live Mail
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3162D9D4-122C-4ADE-8D1C-C45487F94135}" = Photo Common
"{345C8936-4812-4293-8EFD-CF570D955D12}" = „Windows Live Messenger“
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{379DA4C6-8C91-4F36-9D25-F08E8959E0DF}" = Poczta usługi Windows Live
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1" = System Explorer 4.2.2
"{42BBCEDB-11B6-4244-940C-491D5058EF63}" = Photo Common
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{46804E41-834A-4A0A-BC77-D4A744D78E8C}" = Windows Live Essentials
"{46BC55A2-B4CE-46B5-8303-A2076B899505}" = Windows Live UX Platform Language Pack
"{49B81645-3BF5-414E-95F1-7EC95E9980AE}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{4EDC2B34-B341-4D0E-970D-0F5F31080A1B}" = Photo Common
"{4F4A4FBF-133D-460E-8617-6D48E0A2B4E4}" = Windows Live Writer Resources
"{5086C198-F201-4BAE-B2DA-B0C15A48E9D1}" = Windows Live Family Safety
"{5172E572-C175-4F80-A6D5-5CB45826AD61}" = SceneSwitch
"{568C2F88-5CED-42FA-B9BA-CB39238937CE}" = Photo Common
"{570D42F1-CF44-4CC8-A604-AB0E8024AC1D}" = Windows Live UX Platform Language Pack
"{57ADCDED-9C85-43D1-97B3-BC961476190F}" = Windows Live Family Safety
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5B91D34E-B583-4E08-BB48-4F18086A0DB7}" = Movie Maker
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{624B2A0D-F9C8-45EC-8B5D-41B85009E584}" = Windows Live Family Safety
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67F407FA-0C90-4301-9978-FC1ED91DD381}" = Fotoattēlu galerija
"{6952FD86-0C6D-4685-BF60-8CC9937D69BC}" = Photo Common
"{69E57689-737E-48DD-B271-CD2C9A15AC01}" = Windows Live UX Platform Language Pack
"{6AA7FFD2-1D29-41D9-A726-023DA3995E45}" = Windows Live Family Safety
"{6B122B50-C78D-4E73-A721-F6D126BFEF0C}" = Windows Live Messenger
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6B7574A7-ADE5-40CD-B4DE-3A72C483DB92}_is1" = Evidence LSoft 4.2.0.0
"{6C733559-AD1B-49D6-B5B9-87516A185468}" = Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71603280-2C9D-4578-B162-16FCC1002D9E}" = Windows Live Messenger
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77DFC020-F1D7-4972-BCDF-F8237B29955E}" = Windows Live Writer
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{796466D8-0D8A-43F7-A26E-3B06F34CC2E5}" = Photo Common
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{81369E8E-4E3A-444E-85FA-7AF85B0FCE80}" = Photo Common
"{82A7E300-CB80-4084-8BB5-423F2D6908B1}" = Windows Live UX Platform Language Pack
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{851CF41D-9FF1-0200-0000-000000000000}" = Android Sync Manager WiFi
"{8637771C-F8C5-4811-ADAC-955FCF4FC762}" = Movie Maker
"{878B7B35-2BDE-4930-8C39-FDB0B8B851C8}" = Windows Live Writer Resources
"{87E79A55-EBF1-472F-BCAD-4A631B9A69A5}" = Фотогалерия
"{88029346-7D7C-43EC-AD2D-8C20B5893A0D}" = Windows Live UX Platform Language Pack
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}" = ASUS Instant Connect
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C55FF2F-D9AC-4EBC-8AA2-90E2552634C0}" = Windows Live Writer Resources
"{8D977EAA-DF3E-4054-A98D-F27AEB0248DD}" = Fotótár
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E038DF1-B140-46D6-9D82-1BDF8DC56764}" = Movie Maker
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E8AA7A0-CB3D-4909-B382-0BE05B3C75D1}" = Windows Live Messenger
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F63EC89-EBF5-466B-82B3-B9AFF63AF0C8}" = Windows Live Mail
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90140011-0066-0405-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - čeština
"{92CB8532-845F-4818-90CD-726D59E98637}" = Photo Common
"{9498AAF7-0D2A-430E-A2B0-8EBF23DB0C05}" = Windows Live Essentials
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0405-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9603B62C-50E6-446E-8F9E-2BF2740C6BBB}" = Windows Live Mail
"{967B10A8-52D2-4E66-8D68-1F0F537F64F7}" = Windows Live Pošta
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{99A016E1-0840-43AE-8434-A18CEDFA833B}" = LogMeIn Hamachi
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B443DB1-9746-4597-82FF-6DCB16854815}" = Windows Live Family Safety
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6D5C94-386A-4DE7-B99F-523D3F167B9A}" = Windows Live Messenger
"{9D30784B-4FA7-4BF7-B6D4-D6A494E2A366}" = Pošta Windows Live
"{9E8C06B8-84AA-48A2-9ADA-693C0B254458}" = Windows Live Family Safety
"{A104C276-2B05-41A7-8263-7F7BF6C70D04}" = Alcor Micro USB Card Reader
"{A18681FF-9745-436F-A013-6FC1A7F7EC67}" = Windows Live UX Platform Language Pack
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A79A3484-CA54-4D67-9255-E3A71AB884C3}" = Windows Live Writer Resources
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AAF91344-2808-4D6B-9242-FBE5AF79D60A}" = Windows Live Family Safety
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{AD3A38DD-C19C-4E26-B692-6C02C29BE85C}" = Windows Live Writer
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B07072F5-2FEC-46CB-AD41-D470BE074ECD}" = Windows Live Essentials
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B31B85C3-2641-467A-A3C3-1ED50662F3D0}" = Windows Live Essentials
"{B37E0634-F4EC-4ABC-AC85-B099B7D960C4}" = Windows Live Writer
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B4920103-09F6-4AD2-B150-CFC4474D2DDC}" = Simple Adblock
"{B5D81102-EFE5-4A7B-BE60-019E07C1BD93}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{B98389D4-5E94-4504-83F0-D727DE67D280}" = Windows Live Messenger
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BDA897DC-9C54-41CA-8577-A308C2EA19EA}" = Windows Live Writer
"{BE2DE42A-6696-4EE7-9E59-B9385F339DD3}" = Fotogalerija
"{BE787419-ACA7-48A6-B1B4-E9D3FBFCB7D2}" = Windows Live Writer
"{C10418B5-6099-4121-8DFB-D3DFB8B916DB}" = Movie Maker
"{C4557453-4DB0-4D45-8CD1-B098026A407D}" = Windows Live UX Platform Language Pack
"{C57D051E-655A-49A9-97A9-E4FFA1D31237}" = TV Online
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}" = Windows Live Messenger
"{CAFFCA8F-3F06-4154-8F0B-A41A83A3794F}" = Windows Live Messenger
"{CFA67BA9-D26B-41B6-A507-5A472495B8BE}" = Windows Live Family Safety
"{CFBFE244-6269-41DC-85B6-86F99C88ED02}" = Movie Maker
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D22E3846-1F6E-4E34-8BBD-9A6581C0C6FE}" = Windows Live UX Platform Language Pack
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D7E14BF1-F059-4B0F-B53B-B3A994B023F4}" = Windows Live Writer
"{D8A6F3FE-6F4A-48B1-87E0-718BC20140AE}" = Windows Live Writer
"{DB6F7BFE-873C-4843-8FC2-8D71FCD84C7C}" = Windows Live Writer Resources
"{DB98CF74-83DF-4513-8450-95C6711E88CE}" = Fotogalerija
"{DD351214-3151-4A87-B22F-AE2B58F1575F}" = Windows Live Writer
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0FA5F15-1173-4B42-964C-C75F752CC2DD}" = Windows Live Writer Resources
"{E1EF2FE6-68D7-4A6B-A554-5BABF79E7836}" = Windows Live Messenger
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{E5D458F4-4B41-444D-907D-083692D1D675}" = „Windows Live Mail“
"{E60B6034-A80D-4D9B-93FB-38B286EB3886}" = Windows Live Writer
"{E65B4661-A52C-4FAE-A3C5-A9DC5362258F}" = Fotogalerii
"{EB434403-5808-47E9-8186-B8F66AAC2B3A}" = Movie Maker
"{EC5B21B9-9AC6-4892-9E1B-C98D30AB0395}" = Windows Live UX Platform Language Pack
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED7C17BE-7781-41F8-945A-0904FA2811A0}" = Windows Live Essentials
"{EDE1736D-94BA-0200-0000-000000000000}" = Android Manager WiFi
"{EE999A5F-3D40-4475-BBD3-FB867C93D77F}" = Windows Live Essentials
"{EEB962AA-9F5C-4168-957E-EFF7B099B88E}" = Windows Live Messenger
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F188B46C-A389-4142-9765-1D66459D6929}" = Windows Live Family Safety
"{F19A804E-851F-47BB-B962-C5F07DD691A5}" = Windows Live Writer Resources
"{F2CEE664-F9A3-4235-A11A-42B15884F4D4}" = Windows Live Mail
"{F47AAE4C-BB3E-46EB-8315-1D4FBBA12490}" = Windows Live Writer Resources
"{F4DC3E82-471A-4949-A311-7AE803D203E1}" = Windows Live Essentials
"{F5350A47-59EE-4A4C-BDBF-05A17F0B8CEB}" = Windows Live Writer
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F70350F0-4979-4321-915D-0C947AE45A48}" = „Windows Live Essentials“
"{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}" = Podstawowe programy Windows Live
"{FA29B84F-8306-4A62-A340-F2C41305E7AF}" = Windows Live Essentials
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA7339AC-A3A0-400C-8D00-F20FFABECFA7}" = Movie Maker
"{FBA73805-0F67-428B-8E4F-FAE16A452685}" = Photo Common
"{FC61AFC2-1E8A-4364-B653-A07AC748FFE9}" = Windows Live Mail
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FCBD5760-450D-4A3B-82B4-FBA2816B49BD}" = Windows Live Messenger
"{FCF46EBE-4637-4A0D-8CE2-C39897A2D7E1}" = Galerie foto
"{FD5D64EB-DC61-4026-AF47-585B39F19341}" = Galerija fotografija
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFA96194-06E0-4B30-A0D5-90A257350659}" = Windows Live Writer Resources
"510008402" = Mahjong Secrets
"7-Zip" = 7-Zip 9.20
"AC3Filter_is1" = AC3Filter 2.5b
"Ace Media Player_is1" = Ace Media Player
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"aTube Catcher" = aTube Catcher
"Ballad of Solar" = Ballad of Solar
"Barn Yarn: Collector's Edition" = Barn Yarn: Collector's Edition
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"Cool Smiley Bar for Facebook" = Cool Smiley Bar for Facebook
"DCoder Image Source" = DCoder Image Source (remove only)
"DirectVobSub" = DirectVobSub (remove only)
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"Family Tree Builder" = MyHeritage Family Tree Builder
"Farm Frenzy 3: Madagascar" = Farm Frenzy 3: Madagascar
"ffdshow_is1" = ffdshow v1.2.4453 [2012-05-21]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"FileASSASSIN" = FileASSASSIN
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"IrfanView" = IrfanView (remove only)
"iWinArcade" = iWin Games
"Jewel Quest: The Sapphire Dragon -- Collector's Edition" = Jewel Quest: The Sapphire Dragon -- Collector's Edition
"LastPass" = LastPass (pouze odinstalovat)
"lavfilters_is1" = LAV Filters 0.58.2
"LogMeIn Hamachi" = LogMeIn Hamachi
"MadVR" = MadVR (remove only)
"Mahjongg Artifacts 2" = Mahjongg Artifacts 2
"Maxthon3" = Maxthon Cloud Browser
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.9
"Mozilla Firefox 24.0 (x86 cs)" = Mozilla Firefox 24.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"Old Clockmaker's Riddle" = Old Clockmaker's Riddle
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"Plus500" = Plus500
"Q-Dir" = Q-Dir
"Svět skládaček" = Svět skládaček
"TV Online 1.8.0" = TV Online
"uTorrent" = µTorrent
"VDC_is1" = Video Download Converter version 1.0.0.0
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player 2.1.0
"WinLiveSuite" = Windows Live Essentials
"YoutubeMP3Converter" = Youtube MP3 Converter IE Plugin 1.0 (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.8.2013 14:27:26 | Computer Name = Ruda-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 7.8.2013 14:28:15 | Computer Name = Ruda-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 8.8.2013 4:31:03 | Computer Name = Ruda-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 8.8.2013 10:15:41 | Computer Name = Ruda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16635, časové
razítko: 0x51b7a921 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc00000fd Posun chyby: 0x00020023 ID chybujícího
procesu: 0x2320 Čas spuštění chybující aplikace: 0x01ce9440390ddeb0 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 011d2ead-0035-11e3-a9e5-94dbc999140f

Error - 8.8.2013 12:37:24 | Computer Name = Ruda-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe
se nezdařilo. Závislé sestavení rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 8.8.2013 15:30:35 | Computer Name = Ruda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16635, časové
razítko: 0x51b7a921 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725,
časové razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x000379dd ID chybujícího
procesu: 0x734 Čas spuštění chybující aplikace: 0x01ce946d942d3851 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: ff2d3fcd-0060-11e3-8bd6-94dbc999140f

Error - 8.8.2013 16:32:44 | Computer Name = Ruda-PC | Source = ssinstall | ID = 0
Description =

Error - 8.8.2013 16:50:09 | Computer Name = Ruda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16635, časové
razítko: 0x51b7a921 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015,
časové razítko: 0x50b83c8a Kód výjimky: 0xc0000005 Posun chyby: 0x0000eeac ID chybujícího
procesu: 0x15d4 Čas spuštění chybující aplikace: 0x01ce9476b0d06d82 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 1c32e0eb-006c-11e3-b62c-94dbc999140f

Error - 8.8.2013 17:03:34 | Computer Name = Ruda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16635, časové
razítko: 0x51b7a921 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18015,
časové razítko: 0x50b83c8a Kód výjimky: 0xc0000005 Posun chyby: 0x0000eea9 ID chybujícího
procesu: 0xb0c Čas spuštění chybující aplikace: 0x01ce9478deb14ea3 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: fc79ca06-006d-11e3-b62c-94dbc999140f

Error - 8.8.2013 17:13:20 | Computer Name = Ruda-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu Průzkumník Windows nelze ukončit.

Error - 8.8.2013 20:09:21 | Computer Name = Ruda-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 8.8.2013 21:21:32 | Computer Name = Ruda-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ Media Center Events ]
Error - 6.9.2013 18:18:30 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:18:30 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 6.9.2013 18:18:54 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:18:54 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 6.9.2013 18:18:56 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:18:55 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 6.9.2013 18:19:01 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:18:56 - Načtení položky Broadband se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 29.9.2013 18:56:22 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:56:21 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 6.10.2013 18:37:02 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:37:01 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 6.10.2013 18:37:04 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:37:03 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 6.10.2013 18:37:05 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:37:04 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 6.10.2013 18:37:17 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 0:37:05 - Načtení položky Broadband se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 6.10.2013 19:38:04 | Computer Name = Ruda-PC | Source = MCUpdate | ID = 0
Description = 1:38:04 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

[ System Events ]
Error - 13.10.2013 11:31:36 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7000
Description = Služba X5XSEx_Pr143 neuspěla při spuštění v důsledku následující chyby:
%%3

Error - 13.10.2013 11:32:08 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: KDHacker

Error - 13.10.2013 11:34:11 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 13.10.2013 11:34:11 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 13.10.2013 12:59:37 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7034
Description = Služba Computer Backup (MyPC Backup) byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 13.10.2013 15:16:14 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7000
Description = Služba Kingsoft Core Service neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 13.10.2013 15:16:21 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7000
Description = Služba X5XSEx_Pr143 neuspěla při spuštění v důsledku následující chyby:
%%3

Error - 13.10.2013 15:16:29 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: KDHacker

Error - 13.10.2013 15:18:31 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 13.10.2013 15:18:31 | Computer Name = Ruda-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: log check

#24 Post by rudy630 »

OTL logfile created on: 14.10.2013 20:34:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ruda\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,89 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 39,02% Memory free
7,77 Gb Paging File | 4,62 Gb Available in Paging File | 59,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 76,49 Gb Free Space | 41,06% Space Free | Partition Type: NTFS
Drive D: | 254,14 Gb Total Space | 253,05 Gb Free Space | 99,57% Space Free | Partition Type: NTFS

Computer Name: RUDA-PC | User Name: Ruda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.10.14 20:32:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ruda\Downloads\OTL.exe
PRC - [2013.10.01 15:51:14 | 002,345,296 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.08.26 19:48:31 | 011,609,088 | ---- | M] () -- C:\Users\Ruda\AppData\Local\Plus500\Main\InvestSoftProject.exe
PRC - [2013.08.02 17:11:28 | 000,177,320 | ---- | M] (iWin Inc.) -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe
PRC - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013.06.12 22:58:38 | 000,048,248 | ---- | M] () -- C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.14 01:03:04 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.06.25 18:19:24 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012.06.25 16:54:28 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012.06.20 18:21:46 | 001,556,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012.06.19 14:59:04 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012.06.11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012.05.31 01:47:00 | 000,327,296 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012.05.28 11:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012.05.04 01:13:10 | 000,309,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012.04.13 20:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012.03.26 19:14:26 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.02.29 21:08:34 | 001,121,448 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012.02.29 03:13:56 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.29 03:13:54 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.22 00:49:04 | 000,102,568 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2012.02.22 00:49:00 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2012.02.21 22:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.02.21 22:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.02.17 02:01:36 | 000,473,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2012.02.03 02:33:32 | 002,321,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.11.21 15:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011.11.21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2010.02.28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2009.06.19 11:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008.12.22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe


========== Modules (No Company Name) ==========

MOD - [2013.10.09 14:52:42 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013.10.09 14:52:24 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013.10.09 14:52:16 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013.10.09 14:51:55 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013.10.09 14:51:37 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013.09.24 15:06:38 | 006,490,624 | ---- | M] () -- C:\Users\Ruda\AppData\LocalLow\LastPass\LPPlugin.dll
MOD - [2013.08.26 19:48:31 | 011,609,088 | ---- | M] () -- C:\Users\Ruda\AppData\Local\Plus500\Main\InvestSoftProject.exe
MOD - [2013.08.14 16:10:10 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.08.14 16:09:50 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.08.14 16:09:42 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.07.10 14:20:40 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013.07.10 14:18:59 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.06.12 22:58:38 | 000,048,248 | ---- | M] () -- C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
MOD - [2012.03.15 20:48:00 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2012.02.22 00:49:00 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2012.01.31 19:25:12 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2011.02.19 07:35:31 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.19 07:35:26 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_cs_31bf3856ad364e35\WindowsBase.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.02.28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE


========== Services (SafeList) ==========

SRV:64bit: - [2013.09.24 11:53:56 | 006,253,640 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013.09.24 11:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.03.23 09:07:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2012.02.03 08:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.10.09 13:15:06 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.07 00:45:13 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.01 15:51:14 | 002,746,704 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.08.02 17:11:28 | 000,177,320 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.08 13:32:28 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.03.14 01:03:04 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.11.25 06:13:12 | 000,821,720 | ---- | M] (Mister Group) [On_Demand | Stopped] -- C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe -- (SystemExplorerHelpService)
SRV - [2012.06.11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.06.11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.05.31 01:47:00 | 000,327,296 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012.05.31 01:24:48 | 000,119,424 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012.04.13 20:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2012.02.29 03:13:56 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.29 03:13:54 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.22 09:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.02.21 22:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.02.21 22:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2011.11.21 15:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011.11.21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010.11.20 14:19:22 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.20 14:19:22 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.20 14:18:04 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.09.24 11:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.08.08 13:02:02 | 000,119,720 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\XHCIdrv.sys -- (XHCIdrv)
DRV:64bit: - [2013.06.26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013.06.26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013.06.26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013.06.26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013.04.08 13:32:30 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.03.08 20:19:33 | 000,221,496 | ---- | M] (Kingsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kisknl.sys -- (kisknl)
DRV:64bit: - [2013.03.08 20:19:33 | 000,031,848 | ---- | M] (Kingsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kavbootc64.sys -- (kavbootc)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012.10.11 15:06:34 | 000,241,800 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scrcamhrdrv_x64.sys -- (PCWinSoft)
DRV:64bit: - [2012.09.12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.05.31 01:36:36 | 000,551,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.05.31 01:35:42 | 000,281,472 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012.05.31 01:35:12 | 000,068,736 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012.05.31 01:34:48 | 000,168,064 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012.05.31 01:34:30 | 000,036,480 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012.05.31 01:34:12 | 000,030,848 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012.05.31 01:33:48 | 000,111,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012.05.31 01:33:12 | 000,341,120 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012.04.12 01:49:00 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:64bit: - [2012.04.12 01:48:58 | 000,016,512 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:64bit: - [2012.03.26 19:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.03.26 19:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.03.26 19:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.23 09:07:42 | 002,193,008 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.29 21:08:34 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2012.02.24 12:15:29 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.02.24 12:15:29 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.02.22 09:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.02.20 04:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.02.19 20:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012.01.11 07:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.12.23 11:53:10 | 000,104,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.12.23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.11.20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.05.24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013.04.22 10:38:15 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2012.02.29 21:08:34 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2011.09.07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes,DefaultScope = {0B1233B8-F2A2-440E-AD8F-E2CF705A1DE4}
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{0B1233B8-F2A2-440E-AD8F-E2CF705A1DE4}: "URL" = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{1E1F17B7-F889-4480-8A29-31EC9A9EFF8C}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{258D536F-D026-4FC7-ADA2-2769D328F757}: "URL" = http://search.aol.com/aol/search?s_it=t ... earchTerms}
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{261F48F8-D058-48FB-AF2F-1612D1198CC3}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{4B2BCD33-D984-4D8E-9C54-B803E34B1CA9}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{593B6F83-B0BB-4B83-A5D9-7AC258B674B2}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{697A3350-6749-4A05-8E19-B8931A10DA0C}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{9249FFDB-058C-45D6-9AF3-F1B23BF48FF0}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{9FF53AE7-AE60-4664-949F-033A0F77247D}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{A11803E2-62F5-4A23-B930-9F8D435E2A78}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{A3A70049-68EA-44AC-905D-25C4A57E654C}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{C7C7B0ED-D00A-4989-9D5A-29377FA141AF}: "URL" = http://cs.wikipedia.org/w/index.php?tit ... earchTerms}
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\71BD073478A94B0FA4DA1114F6676BEC: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_12454
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Seznam"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: omnibar%40ajitk.com:0.7.19.20130418
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: locationbar2%40design-noir.de:1.0.6
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.5.0
FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:2.0.2
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:7.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kingsfot.com/npkws: File not found
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files (x86)\SiteRanker\firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.03.07 14:19:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Extensions
[2013.10.10 10:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions
[2013.09.06 16:27:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.09.06 16:27:14 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.09.24 15:06:44 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\support@lastpass.com
[2013.10.10 10:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\trash
[2013.09.12 17:08:46 | 000,184,769 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi
[2013.09.16 12:03:42 | 000,021,763 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\locationbar2@design-noir.de.xpi
[2013.07.17 17:13:57 | 000,007,772 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\nosmalltext@pjs.nl.xpi
[2013.08.09 22:38:01 | 000,069,103 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\omnibar@ajitk.com.xpi
[2013.10.06 11:00:40 | 000,150,994 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.10.10 10:59:56 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.09.27 21:24:57 | 000,024,759 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2013.07.31 17:37:45 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\trash\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.08.03 09:32:08 | 000,002,350 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\aol-search.xml
[2013.03.14 02:09:21 | 000,002,055 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\firmycz.xml
[2013.09.16 00:03:55 | 000,006,228 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\hellspy.xml
[2013.03.14 02:09:21 | 000,002,047 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\mapycz.xml
[2013.07.18 22:39:27 | 000,001,087 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\webwebweb.xml
[2013.03.14 02:09:22 | 000,002,213 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\zbocz.xml
[2013.10.07 00:45:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.10.07 00:45:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.10.07 00:45:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.10.07 00:45:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.10.07 00:45:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NPLastPass (Enabled) = C:\Program Files (x86)\LastPass\nplastpass.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Disk Google = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Greeting Card Maker = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\benkgplfnlmgnpooclhbngibhmconcnn\1.0.2_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: YouTube = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: TV = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph\2.5_0\
CHR - Extension: Infected Mushroom = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobnnindgjlefbclgkdfgjaikcdiaone\3_0\
CHR - Extension: AdBlock = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0\
CHR - Extension: AdBlock = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: converter = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncebhdkjgopkmaklokjadihihfakeoi\0.1_0\
CHR - Extension: Mortgage Calculators = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gophjlpndiolpbmkiioffbikoegnnapb\1.0.0_0\
CHR - Extension: PageRank Status = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\8.5.5.2_0\
CHR - Extension: PageRank Status = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\8.6.0.0_0\
CHR - Extension: LastPass = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0\
CHR - Extension: Mapy = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgkgohkhjofgjpcebjdhkjompkabdoaj\1.0.1_0\
CHR - Extension: Seesmic = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikhnbijacmpeikpnoeddepkehmcofgbh\1.2_0\
CHR - Extension: Business Card Maker = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllleebddagfipdaphlahknlfipmnehj\1.0.0_0\
CHR - Extension: Kalkulacka = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao\1.0.9_0\
CHR - Extension: Online Hry Zdarma = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfalblilehghcdahejnnejepagmccbib\1.0.2_0\
CHR - Extension: Webmaster & SEO Tools = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnkfoehpejigjhhjffdhmjpdkofcpmi\1.0.0_0\
CHR - Extension: Cooking Recipes = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\leakjfgpfppjkjmbmbnpmjeandfnhncm\1.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Dropdown List of Most Visited Links = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\logbmehmiacemkimbpcbjgaikobdndah\0.5_0\
CHR - Extension: News and Pictures = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfkkkggciojbhfhehfaodadkoheomhbc\1.0.2_0\
CHR - Extension: Hled\u00E1n\u00ED pracovn\u00EDch nab\u00EDdek = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgehfboljmhjbmmjhgbakmoocikpkeid\1.0.6_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_2\
CHR - Extension: Travel Math = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpimeaclblbaodahnhhmlblagijlnad\1.0_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Picasa = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Online Televize = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\picldhpkcgmgfnmombladhakcganoghd\1.0.1_0\
CHR - Extension: Gmail = C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.10.13 23:26:20 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (DownloadHelper Class) - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll (IE Download Helper)
O2:64bit: - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock)
O2 - BHO: (YoutubeMP3ConverterBHO Class) - {6F0B6B9B-6342-4E2F-ABF5-C40B94320622} - C:\Program Files (x86)\YoutubeMP3Converter\yt2convmp3.dll (2conv@hotger.com)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DownloadHelper Class) - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O3 - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\Toolbar\WebBrowser: (no name) - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\athbttray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\btvstack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-841361005-909514878-2309378359-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-841361005-909514878-2309378359-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-841361005-909514878-2309378359-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass vyplňování formulářů - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: LastPass - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass vyplňování formulářů - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://www.asus.com/support/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15F7B28C-2FE8-4E58-B86E-C818A041608E}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E557249B-EC4D-4E00-9A90-D94FCB0F2C10}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB650A0A-9E1B-4002-8743-32FA3FD63317}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB650A0A-9E1B-4002-8743-32FA3FD63317}: NameServer = 156.154.70.25,156.154.71.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll c:\windows\syswow64\nvinit.dll c:\windows\syswow64\nvinit.dll) - c:\windows\syswow64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: log check

#25 Post by rudy630 »

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.ffds - ff_vfw.dll ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\LameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.lags - C:\Windows\SysWow64\Lagarith.dll ( )
Drivers32: vidc.x264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.10.14 17:47:09 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\WLMContacts.csv
[2013.10.13 21:29:37 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Desktop\RK_Quarantine
[2013.10.13 21:17:02 | 000,000,000 | R--D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.10.13 18:59:36 | 000,000,000 | ---D | C] -- C:\Users\Ruda\SyncFolder
[2013.10.13 00:10:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013.10.12 23:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.10.12 23:46:24 | 000,000,000 | ---D | C] -- C:\rsit
[2013.10.11 10:53:46 | 001,795,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdfcoinstaller01011.dll
[2013.10.11 10:53:46 | 000,119,720 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\XHCIdrv.sys
[2013.10.11 10:38:50 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Local\Innovative Solutions
[2013.10.11 00:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.10.11 00:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.10.11 00:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.10.10 10:54:21 | 000,000,000 | -H-D | C] -- C:\VTRoot
[2013.10.09 23:47:13 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.10.09 23:37:02 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013.10.09 23:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013.10.09 23:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013.10.09 23:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013.10.09 23:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013.10.09 23:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013.10.09 17:14:32 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Local\LogMeIn
[2013.10.09 17:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2013.10.09 16:57:42 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.10.09 16:56:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.09 16:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.10.09 16:55:59 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.10.09 16:55:51 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.10.09 16:55:51 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.10.09 16:55:51 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.10.09 16:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.09 16:55:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.10.09 16:32:08 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.10.09 16:31:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.10.09 16:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.10.09 14:38:59 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.10.09 14:38:58 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.10.09 14:38:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.10.09 14:38:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.10.09 14:38:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.10.09 14:38:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.10.09 14:38:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.10.09 14:38:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.10.09 14:38:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.10.09 14:38:55 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.10.09 14:38:55 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.10.09 14:38:53 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.10.09 14:38:52 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.10.09 14:38:52 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.10.09 14:38:51 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.10.09 14:15:30 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013.10.09 14:15:30 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013.10.09 14:15:29 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013.10.09 14:15:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013.10.09 14:15:29 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013.10.09 14:15:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013.10.09 14:15:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013.10.09 14:15:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013.10.09 14:15:26 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.10.09 14:15:25 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.10.09 14:15:25 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013.10.09 14:15:24 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.10.09 14:15:24 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013.10.09 14:15:24 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013.10.09 14:15:23 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.10.09 14:15:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.10.09 14:15:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.10.09 14:15:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.10.09 14:15:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.10.09 14:15:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.10.09 14:15:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.10.09 14:15:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013.10.09 14:15:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013.10.09 14:15:11 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013.10.09 14:15:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbser.sys
[2013.10.09 14:15:08 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013.10.09 14:15:08 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013.10.09 14:15:08 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013.10.09 14:13:13 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013.10.09 14:12:28 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013.10.09 14:12:28 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013.10.08 13:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TV Online
[2013.10.08 13:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TV Online
[2013.10.07 00:45:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.10.07 00:12:44 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\MindSpec
[2013.10.07 00:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\MindSpec
[2013.10.07 00:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Linguarde
[2013.10.06 11:35:59 | 000,000,000 | ---D | C] -- C:\Downloads
[2013.10.04 18:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.10.04 18:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.10.04 18:53:53 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.10.04 13:06:47 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.10.02 22:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.10.02 18:41:22 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\uTorrent
[2013.10.02 18:40:44 | 000,000,000 | ---D | C] -- C:\Users\Ruda\updates
[2013.10.02 18:40:44 | 000,000,000 | ---D | C] -- C:\Users\Ruda\share
[2013.10.02 18:40:44 | 000,000,000 | ---D | C] -- C:\Users\Ruda\dlimagecache
[2013.10.02 18:40:43 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2013.10.02 18:40:43 | 000,000,000 | ---D | C] -- C:\Users\Ruda\apps
[2013.10.02 18:40:42 | 000,880,640 | ---- | C] (BitTorrent Inc.) -- C:\Users\Ruda\utorrent.exe
[2013.10.02 00:13:28 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\ZPS15
[2013.10.02 00:13:27 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Zoner
[2013.10.02 00:13:26 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Local\Zoner
[2013.10.02 00:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoner
[2013.10.01 23:37:01 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\RocketPDF
[2013.10.01 23:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnZIPExpress
[2013.10.01 19:40:46 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScreenShots
[2013.09.29 21:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
[2013.09.29 21:43:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxthon
[2013.09.29 20:05:43 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\JLC's Software
[2013.09.29 20:05:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JLC's Software
[2013.09.29 19:54:37 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\OnLineLiveSetup
[2013.09.29 13:56:18 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\chrome-win32
[2013.09.28 17:04:32 | 000,000,000 | ---D | C] -- C:\Shoty
[2013.09.28 15:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScreenShots
[2013.09.28 10:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\logview4net
[2013.09.28 10:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\logview4net
[2013.09.27 21:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin Systems
[2013.09.27 21:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gadwin Systems
[2013.09.26 23:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource Flash Video Splitter
[2013.09.26 23:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DirectVobSub
[2013.09.26 23:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.09.26 23:51:28 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.09.26 23:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
[2013.09.26 23:51:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LAV Filters
[2013.09.26 23:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DCoder Image Source
[2013.09.26 23:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.09.26 23:46:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.09.26 23:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FFMPEG Core Files
[2013.09.26 23:46:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD Audio Reader Filter
[2013.09.26 23:46:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource AVI Splitter
[2013.09.26 23:46:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gabest MPEG Splitter
[2013.09.26 23:46:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource DTSAC3DD+ Source Filter
[2013.09.26 23:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DScaler5
[2013.09.26 23:46:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DScaler5
[2013.09.26 23:45:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2013.09.26 23:45:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter
[2013.09.26 23:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MadVR
[2013.09.26 23:44:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bass Audio Decoder
[2013.09.25 23:12:05 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2013.09.25 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2013.09.25 20:53:40 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\PC stůl MICHI, buk(2)_files
[2013.09.25 20:50:06 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\PC stůl MICHI, buk_files
[2013.09.25 00:48:26 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gest
[2013.09.25 00:48:14 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Gest
[2013.09.24 22:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.09.24 22:07:49 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\vlc
[2013.09.24 19:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
[2013.09.24 19:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN
[2013.09.24 16:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManualAttaching_unpack_LS2013
[2013.09.24 16:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManualAttaching_unpack_LS2013
[2013.09.24 15:06:42 | 015,641,088 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2013.09.24 15:06:30 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
[2013.09.24 15:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
[2013.09.24 15:06:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LastPass
[2013.09.24 11:54:12 | 000,023,168 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2013.09.24 11:53:54 | 000,043,216 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2013.09.24 11:53:52 | 000,444,392 | ---- | C] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2013.09.24 11:53:52 | 000,354,240 | ---- | C] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2013.09.24 11:53:42 | 000,347,864 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2013.09.24 11:53:40 | 000,045,784 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll
[2013.09.24 11:53:36 | 000,280,792 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2013.09.24 11:53:36 | 000,040,664 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll
[2013.09.23 22:59:20 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\NVIDIA
[2013.09.21 20:56:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDOS
[2013.09.21 19:28:36 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\ASUS
[2013.09.19 16:48:22 | 000,000,000 | ---D | C] -- C:\Users\Ruda\Documents\pyramidak
[2013.09.19 16:48:22 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\pyramidak
[2013.09.19 12:29:45 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Media Player Classic
[2013.09.19 11:26:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013.09.19 01:49:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.09.17 11:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2013.09.17 11:57:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2013.09.16 23:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2013.09.16 23:34:41 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
[2013.09.16 19:26:37 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\Digiarty
[2013.09.15 22:37:23 | 000,000,000 | ---D | C] -- C:\Users\Ruda\AppData\Roaming\HellSpy.cz Download Manager
[2013.09.14 22:34:43 | 000,000,000 | R--D | C] -- C:\Users\Ruda\Disk Google
[2013.09.14 22:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.03.16 12:33:35 | 015,271,824 | ---- | C] (Google Inc.) -- C:\Program Files (x86)\picasa39-setup.exe
[19 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.10.14 20:40:35 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013.10.14 20:38:10 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.14 20:31:01 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.10.14 20:14:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.14 19:49:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.10.14 11:31:01 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.10.14 09:41:19 | 000,000,387 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\sp_data.sys
[2013.10.14 09:40:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.13 21:23:37 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.13 21:23:37 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.13 21:21:39 | 001,655,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.10.13 21:21:39 | 000,697,464 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.10.13 21:21:39 | 000,680,916 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.10.13 21:21:39 | 000,150,032 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.10.13 21:21:39 | 000,128,894 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.10.13 21:16:51 | 000,000,306 | -H-- | M] () -- C:\Windows\tasks\C__Users_Ruda_Downloads_tvonline.exe.job
[2013.10.13 21:16:50 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.10.13 21:16:03 | 3129,929,728 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.13 21:12:29 | 001,048,960 | ---- | M] () -- C:\Users\Ruda\Desktop\AdwCleaner.exe
[2013.10.12 15:51:38 | 000,661,450 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013.10.11 10:54:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_XHCIdrv_01011.Wdf
[2013.10.09 23:43:00 | 000,001,146 | ---- | M] () -- C:\Users\Ruda\Desktop\µTorrent.lnk
[2013.10.09 23:42:59 | 000,001,901 | ---- | M] () -- C:\Users\Ruda\Desktop\Disk Google.lnk
[2013.10.09 23:39:51 | 000,001,888 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2013.10.09 23:39:48 | 000,000,595 | ---- | M] () -- C:\Users\Public\Desktop\Sdílený prostor.lnk
[2013.10.09 17:03:39 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.10.09 16:55:47 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.10.09 16:55:46 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.10.09 16:55:46 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.10.09 16:55:45 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.10.09 16:55:45 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.10.09 16:55:45 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.10.09 16:32:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.10.09 16:18:57 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.10.09 14:46:57 | 000,323,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.10.09 14:35:55 | 001,634,770 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.10.09 13:15:06 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.10.09 13:15:06 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.10.08 13:48:00 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\TV Online.lnk
[2013.10.04 20:11:12 | 000,000,978 | ---- | M] () -- C:\Users\Ruda\Desktop\7-Zip File Manager.lnk
[2013.10.04 18:53:55 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.10.02 22:05:18 | 000,003,344 | ---- | M] () -- C:\Users\Ruda\Documents\AdwCleaner[S4].odt
[2013.10.02 18:46:09 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\test.dat
[2013.10.02 18:41:03 | 000,000,099 | ---- | M] () -- C:\Users\Ruda\resume.dat
[2013.10.02 18:41:01 | 000,011,847 | ---- | M] () -- C:\Users\Ruda\settings.dat
[2013.10.02 18:41:01 | 000,000,164 | ---- | M] () -- C:\Users\Ruda\dht.dat
[2013.10.02 18:41:01 | 000,000,099 | ---- | M] () -- C:\Users\Ruda\rss.dat
[2013.10.02 18:41:01 | 000,000,002 | ---- | M] () -- C:\Users\Ruda\dht_feed.dat
[2013.10.02 18:40:44 | 000,007,267 | ---- | M] () -- C:\Users\Ruda\settings.dat.old
[2013.10.02 18:40:44 | 000,000,270 | ---- | M] () -- C:\Users\Ruda\updates.dat
[2013.10.01 19:40:46 | 000,001,045 | ---- | M] () -- C:\Users\Ruda\Desktop\ScreenShots.lnk
[2013.10.01 19:37:57 | 002,324,216 | ---- | M] (PS Media s.r.o.) -- C:\Windows\SysWow64\ssins.exe
[2013.09.29 21:44:19 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
[2013.09.29 00:13:22 | 000,000,048 | ---- | M] () -- C:\Users\Ruda\Desktop\hellspy.comSTAHOVÁNÍ BEZ ČEKÁNÍ.url
[2013.09.28 15:29:26 | 000,028,160 | ---- | M] () -- C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.26 23:50:45 | 000,100,160 | ---- | M] () -- C:\Windows\SysWow64\unins000.dat
[2013.09.26 23:50:42 | 001,178,843 | ---- | M] () -- C:\Windows\SysWow64\unins000.exe
[2013.09.25 23:12:05 | 000,001,892 | ---- | M] () -- C:\Users\Ruda\Desktop\IrfanView Thumbnails.lnk
[2013.09.25 23:12:05 | 000,001,000 | ---- | M] () -- C:\Users\Ruda\Desktop\IrfanView.lnk
[2013.09.25 20:53:40 | 000,039,130 | ---- | M] () -- C:\Users\Ruda\Documents\PC stůl MICHI, buk(2).htm
[2013.09.25 20:50:06 | 000,039,043 | ---- | M] () -- C:\Users\Ruda\Documents\PC stůl MICHI, buk.htm
[2013.09.24 15:34:13 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.09.24 15:06:46 | 015,641,088 | ---- | M] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2013.09.24 15:06:46 | 000,002,112 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
[2013.09.24 15:06:43 | 000,002,112 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
[2013.09.24 15:06:30 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
[2013.09.24 13:19:15 | 000,007,633 | ---- | M] () -- C:\Users\Ruda\AppData\Local\Resmon.ResmonCfg
[2013.09.24 11:54:12 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2013.09.24 11:53:54 | 000,043,216 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2013.09.24 11:53:52 | 000,444,392 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2013.09.24 11:53:52 | 000,354,240 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2013.09.24 11:53:42 | 000,347,864 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2013.09.24 11:53:40 | 000,045,784 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll
[2013.09.24 11:53:36 | 000,280,792 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2013.09.24 11:53:36 | 000,040,664 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll
[2013.09.23 22:59:16 | 000,000,000 | ---- | M] () -- C:\Users\Ruda\regbcm
[2013.09.23 01:27:49 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.23 01:27:48 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.23 01:27:48 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.23 01:27:48 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.23 01:27:48 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.23 00:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.23 00:54:55 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.23 00:54:51 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.23 00:54:51 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.23 00:54:50 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.23 00:54:50 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.23 00:54:50 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.23 00:54:50 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.21 04:48:36 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.21 04:39:47 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.19 16:55:03 | 000,003,175 | ---- | M] () -- C:\Users\Ruda\Documents\RUDAprogs.sxml
[2013.09.18 02:42:21 | 000,000,681 | ---- | M] () -- C:\Users\Ruda\Ruda – zástupce.lnk
[19 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.10.14 20:38:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.13 21:12:29 | 001,048,960 | ---- | C] () -- C:\Users\Ruda\Desktop\AdwCleaner.exe
[2013.10.11 10:54:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_XHCIdrv_01011.Wdf
[2013.10.10 00:52:09 | 000,661,450 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013.10.09 23:39:51 | 000,001,888 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2013.10.09 23:39:48 | 000,000,595 | ---- | C] () -- C:\Users\Public\Desktop\Sdílený prostor.lnk
[2013.10.09 23:39:23 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2013.10.09 16:32:08 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.10.08 13:48:00 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\TV Online.lnk
[2013.10.06 22:43:13 | 000,000,306 | -H-- | C] () -- C:\Windows\tasks\C__Users_Ruda_Downloads_tvonline.exe.job
[2013.10.04 20:11:12 | 000,000,978 | ---- | C] () -- C:\Users\Ruda\Desktop\7-Zip File Manager.lnk
[2013.10.04 18:53:55 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.10.02 22:05:18 | 000,003,344 | ---- | C] () -- C:\Users\Ruda\Documents\AdwCleaner[S4].odt
[2013.10.02 18:46:09 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\test.dat
[2013.10.02 18:41:03 | 000,000,099 | ---- | C] () -- C:\Users\Ruda\resume.dat
[2013.10.02 18:41:01 | 000,000,164 | ---- | C] () -- C:\Users\Ruda\dht.dat
[2013.10.02 18:41:01 | 000,000,099 | ---- | C] () -- C:\Users\Ruda\rss.dat
[2013.10.02 18:41:01 | 000,000,002 | ---- | C] () -- C:\Users\Ruda\dht_feed.dat
[2013.10.02 18:40:44 | 000,000,270 | ---- | C] () -- C:\Users\Ruda\updates.dat
[2013.10.02 18:40:43 | 000,184,538 | ---- | C] () -- C:\Users\Ruda\webui.zip
[2013.10.02 18:40:43 | 000,055,967 | ---- | C] () -- C:\Users\Ruda\utorrent.lng
[2013.10.02 18:40:43 | 000,011,847 | ---- | C] () -- C:\Users\Ruda\settings.dat
[2013.10.02 18:40:43 | 000,007,267 | ---- | C] () -- C:\Users\Ruda\settings.dat.old
[2013.10.02 18:40:43 | 000,006,026 | ---- | C] () -- C:\Users\Ruda\current.btskin
[2013.10.02 18:40:43 | 000,001,146 | ---- | C] () -- C:\Users\Ruda\Desktop\µTorrent.lnk
[2013.09.29 21:44:19 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
[2013.09.29 00:13:22 | 000,000,048 | ---- | C] () -- C:\Users\Ruda\Desktop\hellspy.comSTAHOVÁNÍ BEZ ČEKÁNÍ.url
[2013.09.28 17:05:38 | 000,001,045 | ---- | C] () -- C:\Users\Ruda\Desktop\ScreenShots.lnk
[2013.09.26 23:50:43 | 001,178,843 | ---- | C] () -- C:\Windows\SysWow64\unins000.exe
[2013.09.25 23:12:05 | 000,001,892 | ---- | C] () -- C:\Users\Ruda\Desktop\IrfanView Thumbnails.lnk
[2013.09.25 23:12:05 | 000,001,000 | ---- | C] () -- C:\Users\Ruda\Desktop\IrfanView.lnk
[2013.09.25 20:53:40 | 000,039,130 | ---- | C] () -- C:\Users\Ruda\Documents\PC stůl MICHI, buk(2).htm
[2013.09.25 20:50:05 | 000,039,043 | ---- | C] () -- C:\Users\Ruda\Documents\PC stůl MICHI, buk.htm
[2013.09.24 22:08:24 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.09.24 15:06:30 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
[2013.09.23 22:59:16 | 000,000,000 | ---- | C] () -- C:\Users\Ruda\regbcm
[2013.09.19 16:55:09 | 000,003,175 | ---- | C] () -- C:\Users\Ruda\Documents\RUDAprogs.sxml
[2013.09.18 02:42:21 | 000,000,681 | ---- | C] () -- C:\Users\Ruda\Ruda – zástupce.lnk
[2013.09.14 22:34:43 | 000,001,901 | ---- | C] () -- C:\Users\Ruda\Desktop\Disk Google.lnk
[2013.09.03 10:22:07 | 000,020,051 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2013.09.01 23:49:48 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\DiscHandler.exe.new
[2013.08.30 05:54:26 | 004,459,520 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2013.08.30 05:54:26 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll.new
[2013.08.30 05:53:34 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.new
[2013.08.30 05:53:34 | 000,079,872 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.08.30 05:51:58 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll.new
[2013.08.30 05:51:58 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2013.08.30 05:51:54 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll.new
[2013.08.30 05:51:54 | 000,156,672 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2013.08.30 05:51:50 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll.new
[2013.08.30 05:51:50 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2013.08.30 05:51:48 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll.new
[2013.08.30 05:51:48 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2013.08.30 05:51:48 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll.new
[2013.08.30 05:51:48 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2013.08.30 05:51:48 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll.new
[2013.08.30 05:51:48 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2013.08.30 05:51:40 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll.new
[2013.08.30 05:51:40 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2013.08.30 05:51:40 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll.new
[2013.08.30 05:51:40 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2013.07.29 17:04:31 | 000,000,523 | ---- | C] () -- C:\Windows\Viewer.INI
[2013.07.26 15:24:22 | 006,275,760 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-55.dll.new
[2013.07.26 15:24:22 | 006,275,760 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-55.dll
[2013.07.26 15:24:22 | 001,239,216 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-55.dll.new
[2013.07.26 15:24:22 | 001,239,216 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-55.dll
[2013.07.26 15:24:22 | 000,394,416 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll.new
[2013.07.26 15:24:22 | 000,394,416 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2013.07.26 15:24:22 | 000,288,944 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll.new
[2013.07.26 15:24:22 | 000,288,944 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2013.07.26 15:24:22 | 000,235,184 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll.new
[2013.07.26 15:24:22 | 000,235,184 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2013.07.26 15:24:22 | 000,190,640 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll.new
[2013.07.26 15:24:22 | 000,190,640 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2013.07.26 15:24:22 | 000,150,192 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll.new
[2013.07.26 15:24:22 | 000,150,192 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2013.07.20 20:35:32 | 000,000,139 | ---- | C] () -- C:\Users\Ruda\Waypoints.properties
[2013.07.11 00:57:50 | 000,250,880 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2013.07.11 00:57:49 | 000,330,240 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2013.07.11 00:57:48 | 000,100,160 | ---- | C] () -- C:\Windows\SysWow64\unins000.dat
[2013.06.16 17:51:37 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013.06.12 22:58:38 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\DiscHandler.exe
[2013.05.29 21:20:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.29 21:20:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.29 21:20:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.29 21:20:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.29 21:20:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.04.14 12:00:06 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2013.04.14 12:00:02 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2013.04.14 11:59:54 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2013.04.14 11:59:48 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2013.04.14 11:59:36 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2013.04.14 11:59:32 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2013.04.14 11:59:28 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2013.04.14 11:59:12 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2013.04.14 11:59:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe.new
[2013.04.14 11:59:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2013.04.14 11:59:06 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2013.04.14 11:58:12 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2013.04.14 11:58:12 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2013.04.05 00:33:55 | 000,028,160 | ---- | C] () -- C:\Users\Ruda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.27 22:44:30 | 000,007,633 | ---- | C] () -- C:\Users\Ruda\AppData\Local\Resmon.ResmonCfg
[2013.03.26 23:00:02 | 000,000,657 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2013.03.26 22:59:13 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2013.03.11 14:26:10 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.03.07 03:52:34 | 000,000,387 | ---- | C] () -- C:\Users\Ruda\AppData\Roaming\sp_data.sys
[2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini.new
[2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2012.06.08 10:22:42 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.06.08 10:22:40 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.06.08 10:22:38 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.06.08 10:22:36 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.06.08 10:22:35 | 013,209,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.02.24 13:39:24 | 001,634,770 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.03 08:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll.new
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\ASUS WebStorage
[2013.03.19 00:25:47 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DAVA
[2013.07.13 18:03:57 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DeskSoft
[2013.09.16 19:26:37 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Digiarty
[2013.09.06 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DikobrazGames
[2013.07.14 23:41:57 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DMCache
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\FaceOffMax
[2013.10.11 02:12:32 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Gest
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\GHISLER
[2013.09.15 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\HellSpy.cz Download Manager
[2013.05.06 01:42:15 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\HTML Executable
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\IDM
[2013.09.06 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\IObit
[2013.09.26 00:10:44 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\IrfanView
[2013.09.29 20:05:43 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\JLC's Software
[2013.08.05 11:59:07 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\KeePass
[2013.09.06 16:27:01 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Kingsoft
[2013.09.06 16:19:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\LibreOffice
[2013.09.06 16:19:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\LSoft
[2013.09.06 16:19:41 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Maxthon3
[2013.09.06 16:27:03 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Media Town
[2013.10.07 00:12:44 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\MindSpec
[2013.09.06 16:19:49 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Mobile Action
[2013.09.06 16:27:17 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\MyHeritage
[2013.05.27 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Oberon Media
[2013.08.04 18:36:05 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Opera Software
[2013.09.06 16:20:02 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Participatory Culture Foundation
[2013.09.06 16:27:19 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\PCF-VLC
[2013.09.27 15:31:57 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\PhotoScape
[2013.07.11 17:53:02 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\PlusWinks
[2013.09.19 17:24:11 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\pyramidak
[2013.10.05 22:54:27 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Q-Dir
[2013.10.01 23:47:19 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\RocketPDF
[2013.09.06 16:27:20 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Seznam.cz
[2013.03.15 03:49:16 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Shape games
[2013.10.07 22:39:47 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\SoftGrid Client
[2013.05.28 20:59:39 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Sytexis Software
[2013.03.26 22:59:12 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2013.03.10 12:05:19 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\TP
[2013.05.29 00:02:52 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\TuneUp Software
[2013.10.08 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\TV Online
[2013.10.09 20:21:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\uTorrent
[2013.03.09 20:20:26 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Windows Live Writer
[2013.10.02 00:13:27 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Zoner

========== Purity Check ==========

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: log check

#26 Post by rudy630 »

========== Purity Check ==========



========== Custom Scans ==========

< Kód: >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,636 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.02.24 13:40:19 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.02.24 13:40:21 | 000,000,966 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.03.07 15:43:51 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.08 12:10:07 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013.03.08 12:10:08 | 000,000,828 | ---- | C] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013.07.03 21:16:57 | 000,000,272 | ---- | C] () -- C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job
[2013.10.06 22:43:13 | 000,000,306 | -H-- | C] () -- C:\Windows\Tasks\C__Users_Ruda_Downloads_tvonline.exe.job

< >

< >

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\ProgramData\SuperOvladac\Backup\Driver Backup 7-9-2013-12924\CD-ROM Drive\cdrom.sys
[2010.11.20 11:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\All Users\SuperOvladac\Backup\Driver Backup 7-9-2013-12924\CD-ROM Drive\cdrom.sys
[2010.11.20 11:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.20 15:26:00 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2012.06.02 07:32:25 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=456107D69D4EE850A559434F19EFEE65 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_d2beeccacd6d6c07\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:26 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2012.06.02 07:25:12 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=BAF19B633933A9FB4883D27D66C39E9A -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_d22a7e2db457eb07\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2012.06.02 06:41:59 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=EA8C26ECF1656D9647EF044F115EC6DA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21225_none_76a05147150ffad1\cryptsvc.dll
[2012.06.02 06:45:21 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=F2FDE6C8DBAAD44CC58D1E07E4AF4EED -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17035_none_760be2a9fbfa79d1\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2012.02.24 12:14:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2012.02.24 12:14:38 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2012.02.24 12:14:38 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2012.02.24 12:14:38 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2012.02.24 12:14:38 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2012.02.24 12:14:38 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012.02.24 12:14:38 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012.02.24 12:14:38 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012.02.24 12:14:38 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012.02.24 12:14:38 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2012.02.24 12:14:38 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011.12.23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\eSupport\eDriver\Software\Others\Intel\IRST\iaStor.sys
[2011.12.23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\ProgramData\SuperOvladac\Backup\Driver Backup 7-9-2013-12924\Intel(R) 7 Series Chipset Family SATA AHCI Controller\iastor.sys
[2011.12.23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Users\All Users\SuperOvladac\Backup\Driver Backup 7-9-2013-12924\Intel(R) 7 Series Chipset Family SATA AHCI Controller\iastor.sys
[2011.12.23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.12.23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:40 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2012.02.24 12:15:29 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2012.02.24 12:15:29 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2012.02.24 12:15:29 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2012.02.24 12:15:29 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2012.02.24 12:15:29 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2012.02.24 12:15:29 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_028b374176436a30\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=156F6159457D0AA7E59B62681B56EB90 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_02756f8b7653d554\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.06.02 07:30:31 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=BF63CE11A25F3509129888710D5111FC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_0309de288f695654\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\erdnt\cache64\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\SysNative\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2012.02.24 12:44:43 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D21BD47E528CD62E79311FB5DF0150E6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_02bb2a0a8fa4d398\lsass.exe

< MD5 for: NDIS.SYS >
[2010.12.29 12:45:14 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=02A1D495D9CD3C787BDE560CCC6A480E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.20867_none_045d623d4ecba2f1\ndis.sys
[2010.12.29 12:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.20 15:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.12.29 12:41:29 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=A3151B3463EEA7E47F618F115D0D142E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16726_none_03fe04d8358e7a0c\ndis.sys
[2010.12.29 12:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:24 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2012.02.24 12:15:29 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2012.02.24 12:15:29 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2012.02.24 12:15:29 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
[2010.11.20 15:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 15:33:50 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2012.02.24 12:15:29 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
[2012.02.24 12:15:29 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A4D9C9A608A97F59307C2F2600EDC6A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvraid.sys
[2012.02.24 12:15:29 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=A5C82EB2F72AA004887F90B84A771F73 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvraid.sys

< MD5 for: NVSTOR.SYS >

< MD5 for: SCECLI.DLL >

< MD5 for: SMSS.EXE >

< MD5 for: SVCHOST.EXE >

< MD5 for: TCPIP.SYS >

< MD5 for: USERINIT.EXE >

< MD5 for: WINLOGON.EXE >

< MD5 for: WS2_32.DLL >

< >

< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[16 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[19 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[14 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[19 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[14 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.09.06 16:19:38 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Adobe
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\ASUS WebStorage
[2013.09.02 12:38:43 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Atheros
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\CyberLink
[2013.03.19 00:25:47 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DAVA
[2013.07.13 18:03:57 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DeskSoft
[2013.09.16 19:26:37 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Digiarty
[2013.09.06 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DikobrazGames
[2013.07.14 23:41:57 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\DMCache
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\dvdcss
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\FaceOffMax
[2013.10.11 02:12:32 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Gest
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\GHISLER
[2013.09.15 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\HellSpy.cz Download Manager
[2013.05.06 01:42:15 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\HTML Executable
[2013.03.07 03:49:47 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Identities
[2013.09.06 16:27:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\IDM
[2013.09.06 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\IObit
[2013.09.26 00:10:44 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\IrfanView
[2013.09.29 20:05:43 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\JLC's Software
[2013.08.05 11:59:07 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\KeePass
[2013.09.06 16:27:01 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Kingsoft
[2013.09.06 16:19:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\LibreOffice
[2013.09.06 16:19:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\LSoft
[2013.03.07 04:12:13 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Macromedia
[2013.06.24 00:00:18 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Malwarebytes
[2013.09.06 16:19:41 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Maxthon3
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Media Center Programs
[2013.09.20 13:02:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Media Player Classic
[2013.09.06 16:27:03 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Media Town
[2013.09.14 19:23:23 | 000,000,000 | --SD | M] -- C:\Users\Ruda\AppData\Roaming\Microsoft
[2013.10.07 00:12:44 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\MindSpec
[2013.09.06 16:19:49 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Mobile Action
[2013.09.06 16:19:50 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Mozilla
[2013.09.06 16:27:17 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\MyHeritage
[2013.09.23 22:59:20 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\NVIDIA
[2013.05.27 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Oberon Media
[2013.08.04 18:36:05 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Opera Software
[2013.09.06 16:20:02 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Participatory Culture Foundation
[2013.09.06 16:27:19 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\PCF-VLC
[2013.09.27 15:31:57 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\PhotoScape
[2013.07.11 17:53:02 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\PlusWinks
[2013.09.19 17:24:11 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\pyramidak
[2013.10.05 22:54:27 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Q-Dir
[2013.08.26 19:44:00 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Real
[2013.10.01 23:47:19 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\RocketPDF
[2013.09.06 16:27:20 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Seznam.cz
[2013.03.15 03:49:16 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Shape games
[2013.10.14 21:26:41 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Skype
[2013.10.07 22:39:47 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\SoftGrid Client
[2013.05.28 20:59:39 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Sytexis Software
[2013.03.26 22:59:12 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2013.03.10 12:05:19 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\TP
[2013.05.29 00:02:52 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\TuneUp Software
[2013.10.08 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\TV Online
[2013.10.09 20:21:40 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\uTorrent
[2013.10.14 01:19:10 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\vlc
[2013.03.09 20:20:26 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Windows Live Writer
[2013.10.02 00:13:27 | 000,000,000 | ---D | M] -- C:\Users\Ruda\AppData\Roaming\Zoner

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: log check

#27 Post by rudy630 »

< %APPDATA%\*.exe /s >
[2013.04.17 00:27:37 | 016,333,592 | ---- | M] (ASUS Cloud Corporation) -- C:\Users\Ruda\AppData\Roaming\ASUS WebStorage\Update\ASUSWebStorage3.0.143.296.exe
[2013.07.14 23:30:45 | 005,185,744 | ---- | M] (Tonec Inc.) -- C:\Users\Ruda\AppData\Roaming\IDM\idmupdt.exe
[2013.09.18 17:10:04 | 000,043,385 | R--- | M] () -- C:\Users\Ruda\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_0CE5D65C672A59FCFADCFA.exe
[2013.09.18 17:10:04 | 000,043,385 | R--- | M] () -- C:\Users\Ruda\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_112D608FD02CD87FDC7735.exe
[2013.09.18 17:10:04 | 000,032,579 | R--- | M] () -- C:\Users\Ruda\AppData\Roaming\Microsoft\Installer\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}\_853F67D554F05449430E7E.exe
[2013.08.04 19:30:32 | 000,113,696 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\MyHeritage\Bin\Convert\Convertor.exe
[2013.08.04 19:30:34 | 000,113,696 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\MyHeritage\Bin\Convert\ConvertorFDB.exe
[2013.08.04 19:30:36 | 000,047,120 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\MyHeritage\Bin\Convert\depcheck.exe
[2013.08.04 18:29:06 | 000,110,592 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\MyHeritage\Bin\Convert\gbtest.exe
[2013.08.04 18:29:02 | 000,058,896 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\MyHeritage\Bin\Detect\Detect.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.08.08 08:08:08 | 000,880,640 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ruda\AppData\Roaming\uTorrent\utorrent.exe
[2013.08.08 08:08:08 | 000,880,640 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ruda\AppData\Roaming\uTorrent\updates\3.3.1_30003.exe
[2013.10.02 18:42:00 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ruda\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[19 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[19 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.10.13 21:18:31 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[19 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.10.14 20:38:10 | 000,000,512 | ---- | M] () MD5=2FF5A43E8B452A662C1F359F901B48D8 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.12.12 15:19:50 | 000,151,546 | ---- | M] () -- \Program Files (x86)\Oberon Media SIDR\510008402\mahjong-secrets_en\sounds\m2_crackle.ogg
[2012.12.12 15:18:58 | 000,009,504 | ---- | M] () -- \Program Files (x86)\Oberon Media SIDR\510008402\mahjong-secrets_en\sounds\scn14_crackers.ogg
[2012.12.12 15:19:50 | 000,008,970 | ---- | M] () -- \Program Files (x86)\Oberon Media SIDR\510008402\mahjong-secrets_en\sounds\scn14_woodpecker_crackers.ogg

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.05.28 18:40:10 | 000,030,552 | ---- | M] () -- \AsusVibeData\TMPatch\x64\utilGenericLoader.dll
[2013.05.28 18:40:12 | 000,024,384 | ---- | M] () -- \AsusVibeData\TMPatch\x86\utilGenericLoader.dll
[2010.09.01 10:49:08 | 000,014,666 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\panel\assets\images\uploader_photo.png
[2010.09.14 09:15:20 | 000,000,946 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\panel\assets\images\uploader_title.png
[2011.09.05 09:18:58 | 000,014,666 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\panel\assets\images\uploader_photo.png
[2011.09.05 09:18:58 | 000,000,946 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\panel\assets\images\uploader_title.png
[2010.10.06 19:41:52 | 000,000,482 | ---- | M] () -- \Program Files (x86)\ASUS\Game Park\Turbo Fiesta\Data\Config\Menu\loader.ini
[2010.10.06 19:41:34 | 000,000,832 | ---- | M] () -- \Program Files (x86)\ASUS\Game Park\Turbo Fiesta\Data\Config\Menu\loader_start.ini
[2008.06.17 09:39:56 | 000,205,312 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\9.0\VSTOLoader.dll
[2008.06.17 09:39:56 | 000,018,952 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\9.0\1033\VSTOLoaderUI.dll
[2011.09.15 01:18:40 | 000,058,664 | ---- | M] () -- \Program Files (x86)\CyberLink\Media Suite\koan\pyloader.dll
[2010.08.20 19:58:04 | 002,475,304 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go\runtime\CES\PlugIn\CES_3DLoaderFBX.dll
[2013.02.09 03:39:28 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_main.fen
[2013.08.01 11:19:10 | 000,049,976 | ---- | M] () -- \Program Files (x86)\Maxthon\Bin\MxAppLoader.exe
[2013.08.15 07:15:46 | 000,667,448 | ---- | M] () -- \Program Files (x86)\Maxthon\Bin\MxDownloader.dll
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\facebook\7.1.391\js\downloader.js
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\facebooklike\7.1.391\js\downloader.js
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\fbsharedservices\7.1.391\js\downloader.js
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\featured\7.1.391\js\downloader.js
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\games\7.1.391\js\shared\downloader.js
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\chat\7.1.391\js\downloader.js
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\scripts\io\downloader.js
[2012.11.01 10:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.01 10:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.09.05 00:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.09.05 00:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011.08.10 21:36:00 | 000,387,584 | ---- | M] () -- \Program Files (x86)\Participatory Culture Foundation\Miro\Miro_Downloader.exe
[2011.04.21 18:43:10 | 000,042,058 | ---- | M] () -- \Program Files (x86)\Participatory Culture Foundation\Miro\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2011.04.21 18:43:10 | 000,028,692 | ---- | M] () -- \Program Files (x86)\Participatory Culture Foundation\Miro\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2011.04.21 18:43:10 | 000,034,496 | ---- | M] () -- \Program Files (x86)\Participatory Culture Foundation\Miro\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2011.04.21 18:43:10 | 000,036,528 | ---- | M] () -- \Program Files (x86)\Participatory Culture Foundation\Miro\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2013.01.21 16:03:44 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.09.16 14:37:22 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.09.16 14:37:22 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.09.16 14:37:22 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.09.17 11:58:07 | 000,003,526 | ---- | M] () -- \ProgramData\VSO\VSO Downloader\3\log\downloader_log.20130917.115749.074.log
[2013.09.17 12:47:44 | 000,079,397 | ---- | M] () -- \ProgramData\VSO\VSO Downloader\3\log\downloader_log.20130917.124139.814.log
[2013.09.16 14:37:22 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.09.16 14:37:22 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.09.16 14:37:22 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.09.17 11:58:07 | 000,003,526 | ---- | M] () -- \Users\All Users\VSO\VSO Downloader\3\log\downloader_log.20130917.115749.074.log
[2013.09.17 12:47:44 | 000,079,397 | ---- | M] () -- \Users\All Users\VSO\VSO Downloader\3\log\downloader_log.20130917.124139.814.log
[2013.03.21 23:31:52 | 000,006,643 | ---- | M] () -- \Users\Ruda\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.2.229\js\downloader.js
[2012.02.20 12:15:30 | 000,006,643 | ---- | M] () -- \Users\Ruda\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.2.101\js\downloader.js
[2011.10.12 16:04:18 | 000,006,643 | ---- | M] () -- \Users\Ruda\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.391\js\downloader.js
[2012.01.31 17:16:24 | 000,006,643 | ---- | M] () -- \Users\Ruda\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2013.03.10 01:10:05 | 000,005,664 | ---- | M] () -- \Users\Ruda\AppData\Local\Microsoft\Windows Sidebar\Gadgets\asus@vibe.Gadget\images\main\ajax-loader.gif
[2013.10.14 17:56:47 | 000,003,208 | ---- | M] () -- \Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6MSX92B6\loader[1].gif
[2013.10.14 17:56:48 | 000,000,673 | ---- | M] () -- \Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HB0TVBAD\loader[1].gif
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Ruda\AppData\Roaming\Seznam.cz\bin\27146libfoxloader.dll
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Ruda\AppData\Roaming\Seznam.cz\bin\6519libfoxloader-x64.dll
[2013.05.29 16:50:25 | 000,000,165 | ---- | M] () -- \Users\Ruda\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2012.11.13 16:40:02 | 000,030,608 | ---- | M] () -- \Users\Ruda\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Ruda\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Ruda\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.10.10 14:25:53 | 000,015,903 | ---- | M] () -- \VTRoot\HarddiskVolume3\Users\Ruda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.6.0.30_0\js\configLoader.js
[2013.10.10 14:25:53 | 000,002,597 | ---- | M] () -- \VTRoot\HarddiskVolume3\Users\Ruda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\1.6.0.30_0\js\scriptLoader.js
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[19 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2013.06.26 09:23:10 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.07.08 13:04:40 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[19 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2013.06.26 09:23:10 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013.07.08 13:04:40 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:26:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:26:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:26:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.02.19 07:35:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.02.19 07:35:43 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.02.19 07:35:43 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.02.19 07:35:43 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.02.19 07:35:43 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.02.24 12:08:43 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.02.24 12:08:43 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.02.24 12:08:43 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.02.24 12:08:43 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.02.24 12:08:43 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.02.19 07:33:15 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2012.02.24 12:08:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2012.02.24 12:08:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 16:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2012.02.24 12:08:32 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.02.24 12:08:32 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:26:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:26:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:26:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:25:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.02.24 12:30:51 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2011.11.25 23:25:18 | 001,489,920 | ---- | M] () -- \Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\serializer.dll
[2011.11.25 23:39:54 | 002,053,632 | ---- | M] () -- \Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\x64\serializer64.dll
[2013.09.13 01:53:56 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 00:22:14 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.02.19 07:35:31 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.09.13 02:23:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 00:22:49 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.02.19 07:35:31 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.10.05 23:01:40 | 000,000,052 | ---- | M] () -- \Users\Ruda\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2011.02.19 07:35:21 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.14 16:10:18 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 19:52:28 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.08.14 16:12:50 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 18:49:04 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.10.09 15:35:01 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013.08.15 09:50:09 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 03:37:28 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013.10.09 15:42:32 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013.08.15 09:42:06 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013.08.15 09:43:36 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.11 03:45:30 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010.03.18 23:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010.03.18 23:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.10.09 14:33:23 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.09 14:33:20 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.09 14:33:28 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.19 07:35:31 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 23:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.19 07:35:30 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 23:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[19 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2011.02.19 07:35:12 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[19 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2011.02.19 07:35:12 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.02.19 07:35:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_1c215c9ac50719c5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.02.19 07:35:30 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.02.19 07:35:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.02.19 07:35:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_b96904386c2fe002\System.RunTime.Serialization.Resources.dll
[2011.02.19 07:35:31 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.02.19 07:35:23 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2009.06.10 22:30:46 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c\System.Runtime.Serialization.dll
[2010.11.05 03:52:18 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2009.06.10 22:30:43 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05\System.Runtime.Serialization.dll
[2010.11.05 03:52:10 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2012.02.24 12:08:43 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.02.24 12:08:43 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.02.19 07:35:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.02.19 07:35:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2012.02.24 12:08:32 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16757_none_6dccf6b5c641c933.manifest
[2012.02.24 12:08:32 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.20897_none_6e2b53d0df7fd8c1.manifest
[2012.02.24 12:08:32 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2012.02.24 12:08:32 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2009.07.14 04:26:23 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7600.16385_none_5943b25a748cb06c.manifest
[2010.11.20 16:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2009.07.14 04:27:09 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_941abf24c884ab05.manifest
[2010.11.20 16:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2009.07.14 03:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 15:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.02.19 07:34:18 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 03:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 15:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 03:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 15:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.19 07:35:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 03:52:40 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.02.19 07:35:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 03:52:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.02.19 07:35:22 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_267606ecf967dbc0\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.02.19 07:35:31 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.02.19 07:35:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.02.19 07:35:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2011.02.19 07:35:31 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.06.10 23:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 03:52:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 4 bytes -> C:\Windows\win.ini:s3
@Alternate Data Stream - 376 bytes -> C:\ProgramData\Temp:FAB80532
@Alternate Data Stream - 374 bytes -> C:\ProgramData\Temp:94EFA686
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:FEF919E6
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:77846FFE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:D20FFA63
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:373C6DC2
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:820563D3
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log check

#28 Post by Márty84 »

Please also post a new RSIT log, but the whole one!

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: log check

#29 Post by rudy630 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ruda at 2013-10-15 11:08:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 78 GB (41%) free of 191 GB
Total RAM: 3980 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:09:02, on 15.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Ruda\Downloads\OTL.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Ruda\AppData\Local\Plus500\main\InvestSoftProject.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Ruda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
O2 - BHO: YoutubeMP3ConverterBHO - {6F0B6B9B-6342-4E2F-ABF5-C40B94320622} - C:\Program Files (x86)\YoutubeMP3Converter\yt2convmp3.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DownloadHelper Class - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: LastPass - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass vyplňování formulářů - file://C:\Users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=fillforms
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://www.asus.com/support/asusTek_sys_ctrl3.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{E557249B-EC4D-4E00-9A90-D94FCB0F2C10}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB650A0A-9E1B-4002-8743-32FA3FD63317}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\windows\syswow64\nvinit.dll c:\windows\syswow64\nvinit.dll, c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kingsoft Core Service (kxescore) - Unknown owner - c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14443 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\Windows\system32\WLANExt.exe 3853600
\??\C:\Windows\system32\conhost.exe "178188631213183932181419633274-94903716984927946526737234-7461787691525516392
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\iWin Games\iWinTrusted.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
WLIDSvcM.exe 2236
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 2920
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
taskeng.exe {070B2759-5901-4549-9ADF-79163F61AA30}
"C:\Windows\system32\Dwm.exe"
ATKOSD.exe
C:\Windows\Explorer.EXE
KBFiltr.exe
WDC.exe
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
taskeng.exe {DADEE42A-000C-4E5C-90E3-9AB0A6F90C46}
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Windows\SysWOW64\C2MP\UpdateChecker.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc" /escort 5548
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe" "Microsoft Word Starter 2010 9014006604050000" /n /f "E:\pečivo\Pizza housky.wiz"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe" /start IDLE_APP_EVENT_{90140011-0066-0405-0000-0000000FF1CE}
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Users\Ruda\Downloads\OTL.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Windows\system32\mspaint.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4600 CREDAT:726296 /prefetch:2
"C:\Users\Ruda\AppData\Local\Plus500\main\InvestSoftProject.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4600 CREDAT:4003105 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-841361005-909514878-2309378359-1002250_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-841361005-909514878-2309378359-1002250 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SDRP7891\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe251_ Global\UsGthrCtrlFltPipeMssGthrPipe251 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 816 820 828 65536 824

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
C:\Windows\tasks\C__Users_Ruda_Downloads_tvonline.exe.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0]
"Description"=Exent® AOD Gecko Plugin
"Path"=C:\Program Files (x86)\Free Ride Games\npExentCtl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@kingsfot.com/npkws]
"Description"=npkws
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@lastpass.com/NPLastPass]
"Description"=
"Path"=C:\Program Files (x86)\LastPass\nplastpass.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\www.exent.com/GameTreatWidget]
"Description"=
"Path"=C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@lastpass.com/NPLastPass]
"Description"=
"Path"=C:\Program Files (x86)\LastPass\nplastpass64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\extensions\
support@lastpass.com
trash
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\
aol-search.xml
firmycz.xml
hellspy.xml
mapycz.xml
webwebweb.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-09-24 919552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF2573AE-E1ED-40e1-83BA-F544CB2EE135}]
DownloadHelper Class - C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll [2011-01-07 905216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll [2012-09-20 997144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F0B6B9B-6342-4E2F-ABF5-C40B94320622}]
YoutubeMP3ConverterBHO Class - C:\Program Files (x86)\YoutubeMP3Converter\yt2convmp3.dll [2011-08-28 107008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-09 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-05-31 52352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-09-24 613376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-09 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF2573AE-E1ED-40e1-83BA-F544CB2EE135}]
DownloadHelper Class - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll [2011-01-07 626688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll [2012-09-20 872728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-09-24 919552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-09-24 613376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-22 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-22 398616]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-02-19 2661672]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-05-26 361984]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [2012-05-31 1023616]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [2012-05-31 801920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-09-24 1612504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat]
C:\Users\Ruda\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [2012-08-03 740736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
C:\Program Files\CCleaner\CCleaner64.exe [2013-08-21 6294808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Ruda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2013-08-04 2532352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linguarde]
C:\Program Files (x86)\Linguarde\linguarde.exe -m []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tv-Plug-In]
C:\Program Files (x86)\Tv-Plug-In\Tv-Plug-In.exe nogui []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-26 291608]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-04-02 5138032]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-02-22 102568]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-02-03 2321072]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25 322208]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-06-19 174752]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodecPackUpdateChecker.lnk - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
Install LastPass FF RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe
Install LastPass IE RunOnce.lnk - C:\Program Files (x86)\Common Files\lpuninstall.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-22 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-10-13 00:10:41 ----D---- C:\Program Files (x86)\trend micro
2013-10-12 23:46:24 ----DC---- C:\rsit
2013-10-12 23:46:24 ----D---- C:\Program Files\trend micro
2013-10-11 10:53:46 ----A---- C:\Windows\system32\wdfcoinstaller01011.dll
2013-10-11 10:53:46 ----A---- C:\Windows\system32\drivers\XHCIdrv.sys
2013-10-11 00:21:52 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-11 00:21:52 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 10:54:21 ----HDC---- C:\VTRoot
2013-10-10 01:04:58 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2013-10-10 00:52:09 ----A---- C:\Windows\system32\drivers\fvstore.dat
2013-10-09 23:47:13 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-10-09 23:39:23 ----A---- C:\Windows\system32\drivers\sfi.dat
2013-10-09 23:37:02 ----SD---- C:\ProgramData\Shared Space
2013-10-09 23:36:07 ----D---- C:\ProgramData\COMODO
2013-10-09 23:35:51 ----D---- C:\Program Files\COMODO
2013-10-09 23:35:15 ----D---- C:\Program Files (x86)\Comodo
2013-10-09 23:35:07 ----D---- C:\ProgramData\Comodo Downloader
2013-10-09 17:14:32 ----D---- C:\ProgramData\LogMeIn
2013-10-09 16:57:42 ----D---- C:\Windows\Sun
2013-10-09 16:56:21 ----D---- C:\ProgramData\Oracle
2013-10-09 16:55:59 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-09 16:55:51 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-09 16:55:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-09 16:55:51 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-09 16:55:43 ----D---- C:\Program Files (x86)\Java
2013-10-09 16:32:08 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-09 16:31:25 ----D---- C:\Program Files\AVAST Software
2013-10-09 16:30:37 ----D---- C:\ProgramData\AVAST Software
2013-10-09 14:38:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-09 14:38:58 ----A---- C:\Windows\system32\ieui.dll
2013-10-09 14:38:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-09 14:38:56 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-09 14:38:56 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-09 14:38:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-09 14:38:56 ----A---- C:\Windows\system32\iesetup.dll
2013-10-09 14:38:56 ----A---- C:\Windows\system32\iernonce.dll
2013-10-09 14:38:56 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-09 14:38:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-09 14:38:55 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 14:38:55 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-09 14:38:54 ----A---- C:\Windows\system32\iertutil.dll
2013-10-09 14:38:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-09 14:38:53 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-09 14:38:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-09 14:38:52 ----A---- C:\Windows\system32\jscript.dll
2013-10-09 14:38:51 ----A---- C:\Windows\system32\jscript9.dll
2013-10-09 14:38:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-09 14:38:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-09 14:38:49 ----A---- C:\Windows\system32\urlmon.dll
2013-10-09 14:38:48 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-09 14:38:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-09 14:38:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-09 14:38:46 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-09 14:38:46 ----A---- C:\Windows\system32\wininet.dll
2013-10-09 14:38:45 ----A---- C:\Windows\system32\ieframe.dll
2013-10-09 14:38:43 ----A---- C:\Windows\system32\mshtml.dll
2013-10-09 14:38:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-09 14:15:30 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-09 14:15:30 ----A---- C:\Windows\system32\atmfd.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-09 14:15:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\lpk.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\fontsub.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\dciman32.dll
2013-10-09 14:15:29 ----A---- C:\Windows\system32\atmlib.dll
2013-10-09 14:15:28 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-09 14:15:28 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 14:15:27 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 14:15:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-09 14:15:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-09 14:15:25 ----A---- C:\Windows\system32\advapi32.dll
2013-10-09 14:15:24 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-09 14:15:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-09 14:15:24 ----A---- C:\Windows\system32\tdh.dll
2013-10-09 14:15:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-09 14:15:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-09 14:15:23 ----A---- C:\Windows\system32\wow64.dll
2013-10-09 14:15:23 ----A---- C:\Windows\system32\ntdll.dll
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-09 14:15:21 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-09 14:15:20 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-09 14:15:15 ----A---- C:\Windows\system32\mswsock.dll
2013-10-09 14:15:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-09 14:15:15 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-09 14:15:14 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-09 14:15:13 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-09 14:15:13 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-09 14:15:13 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-09 14:15:13 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-09 14:15:13 ----A---- C:\Windows\system32\davclnt.dll
2013-10-09 14:15:12 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-09 14:15:11 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-09 14:15:09 ----A---- C:\Windows\system32\win32k.sys
2013-10-09 14:15:09 ----A---- C:\Windows\system32\drivers\usbser.sys
2013-10-09 14:15:08 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:15:08 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 14:15:08 ----A---- C:\Windows\system32\comctl32.dll
2013-10-09 14:15:07 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-09 14:15:07 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-09 14:13:13 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-09 14:12:28 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-10-08 13:47:57 ----D---- C:\Program Files (x86)\TV Online
2013-10-07 00:45:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-10-07 00:12:44 ----D---- C:\Users\Ruda\AppData\Roaming\MindSpec
2013-10-07 00:12:31 ----D---- C:\ProgramData\MindSpec
2013-10-07 00:12:29 ----D---- C:\Program Files (x86)\Linguarde
2013-10-06 11:35:59 ----DC---- C:\Downloads
2013-10-04 18:53:53 ----RD---- C:\Program Files (x86)\Skype
2013-10-02 18:46:09 ----A---- C:\Windows\SYSWOW64\test.dat
2013-10-02 18:41:22 ----D---- C:\Users\Ruda\AppData\Roaming\uTorrent
2013-10-02 00:13:27 ----D---- C:\Users\Ruda\AppData\Roaming\Zoner
2013-10-02 00:13:23 ----D---- C:\ProgramData\Zoner
2013-10-01 23:37:01 ----D---- C:\Users\Ruda\AppData\Roaming\RocketPDF
2013-10-01 23:29:11 ----D---- C:\Program Files (x86)\UnZIPExpress
2013-09-29 21:43:58 ----D---- C:\Program Files (x86)\Maxthon
2013-09-29 20:05:43 ----D---- C:\Users\Ruda\AppData\Roaming\JLC's Software
2013-09-29 20:05:28 ----D---- C:\Program Files (x86)\JLC's Software
2013-09-28 17:04:32 ----DC---- C:\Shoty
2013-09-28 15:04:41 ----D---- C:\Program Files (x86)\ScreenShots
2013-09-28 10:04:48 ----D---- C:\Program Files (x86)\logview4net
2013-09-27 21:03:30 ----D---- C:\Program Files (x86)\Gadwin Systems
2013-09-26 23:51:38 ----D---- C:\Program Files (x86)\OpenSource Flash Video Splitter
2013-09-26 23:51:35 ----D---- C:\Program Files (x86)\DirectVobSub
2013-09-26 23:51:11 ----D---- C:\Program Files (x86)\LAV Filters
2013-09-26 23:50:43 ----A---- C:\Windows\SYSWOW64\unins000.exe
2013-09-26 23:46:56 ----D---- C:\Program Files (x86)\DCoder Image Source
2013-09-26 23:46:51 ----D---- C:\Program Files (x86)\7-Zip
2013-09-26 23:46:45 ----D---- C:\Program Files (x86)\FFMPEG Core Files
2013-09-26 23:46:30 ----D---- C:\Program Files (x86)\CD Audio Reader Filter
2013-09-26 23:46:29 ----D---- C:\Program Files (x86)\OpenSource AVI Splitter
2013-09-26 23:46:05 ----D---- C:\Program Files (x86)\Gabest MPEG Splitter
2013-09-26 23:46:03 ----D---- C:\Program Files (x86)\OpenSource DTSAC3DD+ Source Filter
2013-09-26 23:46:02 ----D---- C:\Program Files (x86)\DScaler5
2013-09-26 23:45:33 ----D---- C:\Program Files (x86)\AC3Filter
2013-09-26 23:45:14 ----D---- C:\Program Files (x86)\MadVR
2013-09-26 23:44:55 ----D---- C:\Program Files (x86)\Bass Audio Decoder
2013-09-25 23:11:59 ----D---- C:\Program Files (x86)\IrfanView
2013-09-25 00:48:14 ----D---- C:\Users\Ruda\AppData\Roaming\Gest
2013-09-24 22:07:49 ----D---- C:\Users\Ruda\AppData\Roaming\vlc
2013-09-24 19:18:14 ----D---- C:\Program Files (x86)\FileASSASSIN
2013-09-24 16:29:44 ----D---- C:\Program Files (x86)\ManualAttaching_unpack_LS2013
2013-09-24 15:06:14 ----D---- C:\Program Files (x86)\LastPass
2013-09-24 11:54:14 ----A---- C:\Windows\system32\drivers\inspect.sys
2013-09-24 11:54:12 ----A---- C:\Windows\system32\drivers\cmdhlp.sys
2013-09-24 11:54:12 ----A---- C:\Windows\system32\drivers\cmdguard.sys
2013-09-24 11:54:12 ----A---- C:\Windows\system32\drivers\cmderd.sys
2013-09-24 11:53:54 ----A---- C:\Windows\system32\cmdcsr.dll
2013-09-24 11:53:52 ----A---- C:\Windows\SYSWOW64\guard32.dll
2013-09-24 11:53:52 ----A---- C:\Windows\system32\guard64.dll
2013-09-24 11:53:42 ----A---- C:\Windows\system32\cmdvrt64.dll
2013-09-24 11:53:40 ----A---- C:\Windows\system32\cmdkbd64.dll
2013-09-24 11:53:36 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2013-09-24 11:53:36 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2013-09-23 22:59:20 ----D---- C:\Users\Ruda\AppData\Roaming\NVIDIA
2013-09-21 20:56:00 ----D---- C:\Program Files (x86)\IDOS
2013-09-19 16:48:22 ----D---- C:\Users\Ruda\AppData\Roaming\pyramidak
2013-09-19 12:29:45 ----D---- C:\Users\Ruda\AppData\Roaming\Media Player Classic
2013-09-19 11:26:08 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2013-09-19 01:49:43 ----D---- C:\Windows\SoftwareDistribution
2013-09-17 11:57:31 ----D---- C:\ProgramData\VSO
2013-09-17 11:57:31 ----D---- C:\Program Files (x86)\VSO
2013-09-16 23:34:41 ----D---- C:\Program Files\Microsoft Research
2013-09-16 19:26:37 ----D---- C:\Users\Ruda\AppData\Roaming\Digiarty

======List of files/folders modified in the last 1 month======

2013-10-15 10:57:42 ----D---- C:\Users\Ruda\AppData\Roaming\Skype
2013-10-15 09:57:18 ----D---- C:\Windows\system32\config
2013-10-15 09:52:05 ----SHD---- C:\Windows\Installer
2013-10-15 09:52:05 ----D---- C:\Windows\temp
2013-10-15 09:47:47 ----RD---- C:\Program Files (x86)
2013-10-14 20:38:03 ----SHD---- C:\System Volume Information
2013-10-14 17:27:03 ----D---- C:\Windows\inf
2013-10-14 17:27:03 ----D---- C:\Windows
2013-10-14 00:34:26 ----D---- C:\Windows\winsxs
2013-10-14 00:24:10 ----D---- C:\Program Files (x86)\Common Files
2013-10-14 00:23:56 ----D---- C:\Windows\System32
2013-10-14 00:23:49 ----D---- C:\Windows\system32\drivers
2013-10-13 21:59:29 ----D---- C:\Windows\Tasks
2013-10-13 21:59:29 ----D---- C:\Windows\system32\Tasks
2013-10-13 21:21:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-13 21:18:31 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-13 21:16:08 ----D---- C:\ProgramData\NVIDIA
2013-10-13 21:14:30 ----DC---- C:\AdwCleaner
2013-10-13 17:28:29 ----D---- C:\Program Files (x86)\Cool Smiley Bar for Facebook
2013-10-12 23:46:24 ----RD---- C:\Program Files
2013-10-12 21:18:38 ----D---- C:\Windows\registration
2013-10-12 15:53:40 ----D---- C:\Windows\Prefetch
2013-10-12 00:28:21 ----D---- C:\Windows\SysWOW64
2013-10-11 10:54:26 ----D---- C:\Windows\system32\catroot
2013-10-11 10:54:25 ----D---- C:\Windows\system32\DriverStore
2013-10-09 23:37:02 ----D---- C:\ProgramData
2013-10-09 20:21:35 ----D---- C:\Windows\Panther
2013-10-09 20:21:35 ----D---- C:\Windows\debug
2013-10-09 18:36:27 ----D---- C:\Windows\rescache
2013-10-09 18:05:07 ----RSD---- C:\Windows\assembly
2013-10-09 18:05:07 ----D---- C:\Windows\Microsoft.NET
2013-10-09 16:55:45 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-10-09 16:55:45 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-10-09 14:44:18 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-09 14:44:15 ----D---- C:\Program Files\Internet Explorer
2013-10-09 14:44:05 ----D---- C:\Windows\AppPatch
2013-10-09 14:44:00 ----D---- C:\Windows\system32\cs-CZ
2013-10-09 14:39:26 ----D---- C:\Windows\system32\catroot2
2013-10-09 14:35:55 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-09 14:30:44 ----D---- C:\Windows\system32\MRT
2013-10-09 14:25:47 ----A---- C:\Windows\system32\MRT.exe
2013-10-09 13:15:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-10-09 12:56:09 ----D---- C:\Program Files\Recuva
2013-10-08 13:48:11 ----SHDC---- C:\AI_RecycleBin
2013-10-08 13:48:11 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-10-08 13:47:07 ----D---- C:\Users\Ruda\AppData\Roaming\TV Online
2013-10-07 22:40:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-07 22:39:47 ----D---- C:\Users\Ruda\AppData\Roaming\SoftGrid Client
2013-10-06 23:39:34 ----D---- C:\Windows\ModemLogs
2013-10-05 22:54:27 ----D---- C:\Users\Ruda\AppData\Roaming\Q-Dir
2013-10-04 18:54:09 ----D---- C:\ProgramData\Skype
2013-10-02 22:05:04 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 19:45:07 ----AD---- C:\ProgramData\Temp
2013-10-01 19:37:57 ----A---- C:\Windows\SYSWOW64\ssins.exe
2013-09-30 23:43:13 ----D---- C:\ProgramData\Microsoft Help
2013-09-27 15:31:57 ----D---- C:\Users\Ruda\AppData\Roaming\PhotoScape
2013-09-26 23:50:45 ----D---- C:\Windows\SYSWOW64\languages
2013-09-26 00:10:44 ----D---- C:\Users\Ruda\AppData\Roaming\IrfanView
2013-09-24 22:04:10 ----D---- C:\Program Files (x86)\VideoLAN
2013-09-24 16:44:03 ----D---- C:\ProgramData\SystemExplorer
2013-09-24 15:34:08 ----D---- C:\Program Files\CCleaner
2013-09-24 13:31:32 ----D---- C:\Windows\system32\wfp
2013-09-24 13:31:24 ----D---- C:\Windows\system32\wbem
2013-09-24 13:29:17 ----D---- C:\Windows\system32\Msdtc
2013-09-24 13:29:14 ----D---- C:\Windows\system32\CodeIntegrity
2013-09-24 13:28:41 ----D---- C:\ProgramData\P4G
2013-09-24 13:27:51 ----D---- C:\Contacts
2013-09-24 00:25:16 ----D---- C:\Windows\LiveKernelReports
2013-09-21 17:03:06 ----D---- C:\Windows\SYSWOW64\custom matrices
2013-09-21 17:03:04 ----D---- C:\Windows\SYSWOW64\C2MP
2013-09-21 17:03:02 ----D---- C:\Windows\system32\Macromed
2013-09-21 16:53:13 ----RHD---- C:\MSOCache
2013-09-17 12:36:19 ----D---- C:\Windows\SYSWOW64\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
R0 kavbootc;kavbootc; C:\Windows\system32\drivers\kavbootc64.sys [2013-03-08 31848]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-09-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-09-24 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-09-24 48872]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-09-24 96800]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 kisknl;kisknl; \??\C:\Windows\system32\drivers\kisknl.sys [2013-03-08 221496]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-05-31 36480]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-11 2801664]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-05-31 341120]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-05-31 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-05-31 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-05-31 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-05-31 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-05-31 281472]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-05-31 551040]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-22 14692224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-12-23 104048]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-03-23 2193008]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 KDHacker;KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-04-12 35968]
S3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-04-12 16512]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\combofix\catchme.sys []
S3 dcdbas;System Management Driver; C:\Windows\system32\DRIVERS\dcdbas64.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2013-04-22 21712]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
S3 MsgPlusDriver;Messenger Plus! Virtual Camera; C:\Windows\system32\DRIVERS\MsgPlusDriver.sys []
S3 PCWinSoft;ScreenCamera Video Camera; C:\Windows\system32\DRIVERS\scrcamhrdrv_x64.sys [2012-10-11 241800]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Serial Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-05-31 119424]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-09-24 6253640]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 2746704]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 iWinTrusted;iWinTrusted; C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2013-08-02 177320]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-29 277784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-03-23 27760]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S2 kxescore;Kingsoft Core Service; c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe /service kxescore []
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-22 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-07 118680]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: log check

#30 Post by Márty84 »

:!: Turn off your antivirus so that it does not prevent the program from working!
:arrow: Run OTL again as administrator.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
Skype C2C Service
BBUpdate
BBSvc
gupdate
kxescore
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc
kisknl
kavbootc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
C:\Windows\tasks\C__Users_Ruda_Downloads_tvonline.exe.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
C:\Windows\SysNative\drivers\kisknl.sys
C:\Windows\SysNative\drivers\kavbootc64.sys

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes,DefaultScope = {0B1233B8-F2A2-440E-AD8F-E2CF705A1DE4}
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{0B1233B8-F2A2-440E-AD8F-E2CF705A1DE4}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\SearchScopes\{258D536F-D026-4FC7-ADA2-2769D328F757}: "URL" = http://search.aol.com/aol/search?s_it=tb50winamp&q={searchTerms}
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="
FF - prefs.js..network.proxy.type: 2
FF - HKLM\Software\MozillaPlugins\@kingsfot.com/npkws: File not found
[2013.08.03 09:32:08 | 000,002,350 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\aol-search.xml
[2013.07.18 22:39:27 | 000,001,087 | ---- | M] () -- C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\5187wu0d.default\searchplugins\webwebweb.xml
O3 - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..\Toolbar\WebBrowser: (no name) - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No CLSID value found.
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O15:64bit: - ..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-841361005-909514878-2309378359-1002\..Trusted Domains: localhost ([]http in Internet)
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[16 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[19 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[14 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[19 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[14 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
@Alternate Data Stream - 4 bytes -> C:\Windows\win.ini:s3
@Alternate Data Stream - 376 bytes -> C:\ProgramData\Temp:FAB80532
@Alternate Data Stream - 374 bytes -> C:\ProgramData\Temp:94EFA686
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:FEF919E6
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:77846FFE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:D20FFA63
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:373C6DC2
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:820563D3
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linguarde] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tv-Plug-In] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-

Click Run Fix (Opravit) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.
If you have a question that is not intended for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Locked