Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu po odinstalovani bordelu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
mistery
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 31 říj 2010 18:42

Kontrola logu po odinstalovani bordelu

#1 Příspěvek od mistery »

Dobry den,
az tu na fore som sa docital ze Advanced SystemCare je vlastne skodlivy sw :(
Mal so to nainstalovane na svojom NB a teraz som z toho trosku nervozny ci mi tam nieco z toho nezostalo...
NB startuje trosku pomalejsie (moze to byt ale sposobene pribudajucim sw) ale nie je to nic strasne...
Eset mi tiez dal do karanteny par hrozieb (uz davnejsie som to vymazal takze neviem napisat co to bolo)
MBAM mi oznacil 2 hrozby ale boli to v ramci spakovanych suborov takze by to nemalo predstavovat zavaznejsiu hrozbu a uz som to z PC vymazal...
Nie som si ale isty ci je PC ciste a chcel by som vas poprosit o kontrolu logu pripadne o pomoc pri odstraneni bordelu.
Vopred dakujem.

Log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Miroslav at 2013-08-30 10:59:05
Microsoft Windows 8
System drive C: has 757 GB (84%) free of 905 GB
Total RAM: 8048 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:08, on 30.8.2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Miroslav\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Miroslav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Miroslav\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Prevést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Pridat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12973 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 719476475552
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
dashost.exe {98817559-92a0-45c4-93a72b6cf120a171}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-dd70e501-5d29-4402-8ee7-34d5714efa56 -SystemEventPortName:HostProcess-da8b99e3-8edc-46cb-a2e7-eeee2940d788 -IoCancelEventPortName:HostProcess-450becc3-f832-4e3c-a2e1-816516dc6122 -NonStateChangingEventPortName:HostProcess-8a6ee7b9-377c-4d12-a951-a87c342fca1a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:38d461ce-fe27-4211-9de1-c55db578e15d -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskhost.exe $(Arg0)
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session
taskhostex.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Users\Miroslav\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\WinStore\WSHost.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\windows\syswow64\wwahost.exe" -ServerName:App.wwa
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4028.0.2085915610\812321900" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4028.5.860466080\1066691653" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control0 pct:50a m29stable:r1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_25/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4028.6.288059984\1667449744" /prefetch:673131151
taskeng.exe {5B7C8C62-64C7-4D39-94A8-C618EC334593}
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Miroslav\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
C:\windows\tasks\GoogleUpdateTaskMachineCore1ce7e82ff658359.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1ce50e6947643e6.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core1ce7f15bfd2cbcc.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005UA1ce81eae54976b4.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=C:\windows\RTFTrack.exe [2012-08-27 6334096]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-09-05 2872720]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-10-26 13213840]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-10-29 1234064]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-08-27 11577216]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-15 4196432]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-11-16 17080376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-11-16 191544]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-12-19 172168]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-12-19 400008]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-12-19 441992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2012-01-20 719672]
"Google Update"=C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-14 116648]
"Facebook Update"=C:\Users\Miroslav\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-28 138096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-07-26 508656]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"IntellingentTouchpad"=C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe [2012-07-23 673336]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-12 56128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-08-30 10:59:05 ----D---- C:\rsit
2013-08-29 10:25:00 ----D---- C:\Program Files (x86)\GUM560C.tmp
2013-08-27 16:19:29 ----D---- C:\Users\Miroslav\AppData\Roaming\Mozilla
2013-08-14 16:52:30 ----A---- C:\windows\system32\drivers\WdFilter.sys
2013-08-14 16:52:30 ----A---- C:\windows\system32\drivers\WdBoot.sys
2013-08-14 08:12:35 ----A---- C:\windows\system32\rpcrt4.dll
2013-08-14 08:12:34 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2013-08-14 08:12:34 ----A---- C:\windows\system32\drivers\tcpip.sys
2013-08-14 08:12:14 ----A---- C:\windows\SYSWOW64\uxtheme.dll
2013-08-14 08:12:14 ----A---- C:\windows\SYSWOW64\UXInit.dll
2013-08-14 08:12:14 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-08-14 08:12:14 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-08-14 08:12:14 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-08-14 08:12:14 ----A---- C:\windows\system32\uxtheme.dll
2013-08-14 08:12:14 ----A---- C:\windows\system32\UXInit.dll
2013-08-14 08:12:13 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-08-14 08:12:13 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-08-14 08:12:13 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-08-14 08:12:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-08-14 08:12:12 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-08-14 08:12:12 ----A---- C:\windows\system32\urlmon.dll
2013-08-14 08:12:12 ----A---- C:\windows\system32\msfeeds.dll
2013-08-14 08:12:12 ----A---- C:\windows\system32\jsproxy.dll
2013-08-14 08:12:12 ----A---- C:\windows\system32\iesetup.dll
2013-08-14 08:12:12 ----A---- C:\windows\system32\iernonce.dll
2013-08-14 08:12:12 ----A---- C:\windows\system32\ie4uinit.exe
2013-08-14 08:12:11 ----A---- C:\windows\system32\wininet.dll
2013-08-14 08:12:11 ----A---- C:\windows\system32\iesysprep.dll
2013-08-14 08:12:11 ----A---- C:\windows\system32\ieframe.dll
2013-08-14 08:12:09 ----A---- C:\windows\system32\jscript.dll
2013-08-14 08:12:08 ----A---- C:\windows\system32\mshtml.dll
2013-08-14 08:11:59 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-08-14 08:11:59 ----A---- C:\windows\system32\jscript9.dll
2013-08-14 08:11:59 ----A---- C:\windows\system32\iertutil.dll
2013-08-14 08:11:58 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-08-14 08:11:55 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-08-14 08:11:55 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-08-14 08:10:41 ----A---- C:\windows\system32\crypt32.dll
2013-08-14 08:10:40 ----A---- C:\windows\SYSWOW64\wintrust.dll
2013-08-14 08:10:40 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-08-14 08:10:40 ----A---- C:\windows\SYSWOW64\apprepsync.dll
2013-08-14 08:10:40 ----A---- C:\windows\SYSWOW64\apprepapi.dll
2013-08-14 08:10:40 ----A---- C:\windows\system32\wintrust.dll
2013-08-14 08:10:40 ----A---- C:\windows\system32\cryptsvc.dll
2013-08-14 08:10:40 ----A---- C:\windows\system32\apprepsync.dll
2013-08-14 08:10:40 ----A---- C:\windows\system32\apprepapi.dll
2013-08-08 19:17:20 ----D---- C:\Na ploche
2013-08-03 02:08:32 ----D---- C:\Users\Miroslav\AppData\Roaming\Intel Corporation
2013-08-03 02:08:27 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2013-08-03 02:04:54 ----A---- C:\windows\system32\drivers\iaStorA.sys
2013-08-03 01:21:02 ----D---- C:\Users\Miroslav\AppData\Roaming\Intel WiDi
2013-08-03 01:19:58 ----D---- C:\Program Files\Intel Corporation

======List of files/folders modified in the last 1 months======

2013-08-30 10:59:07 ----D---- C:\Program Files\trend micro
2013-08-30 10:58:26 ----D---- C:\Downloads-chrome
2013-08-30 10:50:48 ----D---- C:\windows\Prefetch
2013-08-30 10:50:09 ----D---- C:\windows\Temp
2013-08-30 10:50:04 ----HD---- C:\Program Files\WindowsApps
2013-08-30 10:44:18 ----D---- C:\windows\system32\sru
2013-08-30 10:44:07 ----D---- C:\windows\Inf
2013-08-30 10:44:07 ----AD---- C:\windows\System32
2013-08-30 10:44:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-08-30 00:11:07 ----RD---- C:\Program Files (x86)
2013-08-30 00:11:06 ----D---- C:\windows\system32\Drivers
2013-08-30 00:00:32 ----D---- C:\Programy
2013-08-29 23:00:23 ----D---- C:\windows\AUInstallAgent
2013-08-29 13:51:19 ----SHD---- C:\windows\Installer
2013-08-29 11:57:36 ----A---- C:\windows\SYSWOW64\log.txt
2013-08-29 11:19:32 ----D---- C:\windows\SoftwareDistribution
2013-08-29 11:19:32 ----AD---- C:\Windows
2013-08-29 11:07:04 ----D---- C:\windows\debug
2013-08-28 16:30:03 ----SD---- C:\Users\Miroslav\AppData\Roaming\Microsoft
2013-08-28 14:14:32 ----D---- C:\ProgramData\Microsoft Help
2013-08-28 14:14:02 ----SHD---- C:\System Volume Information
2013-08-27 14:46:05 ----D---- C:\windows\Microsoft.NET
2013-08-23 14:20:46 ----D---- C:\windows\system32\DriverStore
2013-08-23 12:10:30 ----D---- C:\windows\rescache
2013-08-22 15:29:06 ----D---- C:\windows\system32\NDF
2013-08-22 12:01:04 ----D---- C:\windows\system32\config
2013-08-19 08:16:25 ----D---- C:\windows\WinSxS
2013-08-19 07:55:33 ----D---- C:\windows\system32\catroot2
2013-08-19 07:53:43 ----RSD---- C:\windows\assembly
2013-08-15 11:11:33 ----D---- C:\Program Files\Windows Defender
2013-08-15 11:11:32 ----D---- C:\Program Files (x86)\Windows Defender
2013-08-15 11:11:30 ----D---- C:\windows\SYSWOW64\sk-SK
2013-08-15 11:11:30 ----D---- C:\windows\SYSWOW64\en-US
2013-08-15 11:11:30 ----D---- C:\windows\system32\sk-SK
2013-08-15 11:11:30 ----D---- C:\windows\system32\en-US
2013-08-15 11:11:28 ----D---- C:\windows\SysWOW64
2013-08-15 11:11:26 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-15 11:11:24 ----D---- C:\Program Files\Internet Explorer
2013-08-15 11:11:19 ----D---- C:\windows\CbsTemp
2013-08-15 11:09:01 ----D---- C:\windows\system32\MRT
2013-08-15 11:08:58 ----A---- C:\windows\system32\MRT.exe
2013-08-04 11:08:25 ----D---- C:\windows\LiveKernelReports
2013-08-04 10:48:32 ----D---- C:\Program Files (x86)\Intel
2013-08-04 10:26:56 ----D---- C:\windows\Logs
2013-08-03 02:08:30 ----D---- C:\Program Files (x86)\Common Files
2013-08-03 02:08:03 ----D---- C:\ProgramData\Intel
2013-08-03 02:06:21 ----HD---- C:\ProgramData
2013-08-03 02:05:24 ----D---- C:\windows\system32\catroot
2013-08-03 02:04:43 ----D---- C:\drivers
2013-08-03 02:03:44 ----D---- C:\Ovladace-nove
2013-08-03 01:40:37 ----D---- C:\Program Files\Intel
2013-08-03 01:21:28 ----D---- C:\Users\Miroslav\AppData\Roaming\Intel
2013-08-03 01:19:58 ----RD---- C:\Program Files
2013-08-03 01:03:14 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-03 01:03:14 ----D---- C:\Program Files (x86)\Lenovo
Nahoru
mistery
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 31 říj 2010 18:42

Re: Kontrola logu po odinstalovani bordelu

#2 Příspěvek od mistery »

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\windows\System32\drivers\ACPI.sys [2012-09-20 425192]
R0 acpiex;Microsoft ACPIEx Driver; C:\windows\System32\Drivers\acpiex.sys [2012-07-26 77040]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\windows\System32\drivers\CLFS.sys [2012-07-26 361200]
R0 CNG;CNG; C:\windows\System32\Drivers\cng.sys [2012-10-11 562392]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\windows\System32\drivers\disk.sys [2012-07-26 102640]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\windows\System32\drivers\fileinfo.sys [2012-07-26 71920]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\windows\system32\drivers\fltmgr.sys [2012-07-26 374512]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\windows\System32\DRIVERS\fvevol.sys [2012-09-20 465128]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2012-09-01 647736]
R0 KSecDD;KSecDD; C:\windows\System32\Drivers\ksecdd.sys [2012-09-20 100072]
R0 KSecPkg;KSecPkg; C:\windows\System32\Drivers\ksecpkg.sys [2012-10-11 172264]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-11-16 39008]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\windows\System32\drivers\mountmgr.sys [2012-07-26 93936]
R0 msisadrv;msisadrv; C:\windows\System32\drivers\msisadrv.sys [2012-07-26 17136]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\windows\System32\Drivers\mup.sys [2012-07-26 83696]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\windows\system32\drivers\ndis.sys [2013-06-17 997632]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-14 30496]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\windows\System32\drivers\partmgr.sys [2013-01-10 91880]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\windows\System32\drivers\pci.sys [2012-07-26 234224]
R0 pcw;Performance Counters for Windows Driver; C:\windows\System32\drivers\pcw.sys [2012-07-26 52464]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\windows\system32\drivers\pdc.sys [2013-04-09 69864]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2012-07-26 217328]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\windows\System32\drivers\spaceport.sys [2013-05-04 284416]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-01-17 564824]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\windows\System32\drivers\tcpip.sys [2013-07-09 2233168]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\windows\System32\drivers\vdrvroot.sys [2012-07-26 36080]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\windows\System32\drivers\volmgr.sys [2012-07-26 83184]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\windows\System32\drivers\volmgrx.sys [2012-07-26 378608]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\windows\System32\drivers\volsnap.sys [2013-06-01 327936]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\windows\system32\drivers\Wdf01000.sys [2013-01-10 785504]
R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\windows\system32\DRIVERS\wfplwfs.sys [2012-07-26 96496]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\windows\system32\drivers\afd.sys [2012-11-06 560640]
R1 BasicDisplay;BasicDisplay; C:\windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640]
R1 BasicRender;BasicRender; C:\windows\System32\drivers\BasicRender.sys [2012-07-26 29696]
R1 Beep;Beep; C:\windows\system32\drivers\Beep.sys [2012-07-26 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\windows\System32\drivers\cdrom.sys [2012-07-26 174080]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\windows\System32\Drivers\dfsc.sys [2012-07-26 118784]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\windows\System32\drivers\discache.sys [2012-07-26 50688]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
R1 Msfs;Msfs; C:\windows\system32\drivers\Msfs.sys [2012-07-26 26112]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\windows\System32\drivers\mssmbios.sys [2012-07-26 37616]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\windows\system32\DRIVERS\netbios.sys [2012-07-26 46080]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\windows\System32\DRIVERS\netbt.sys [2012-07-26 331776]
R1 Npfs;Npfs; C:\windows\system32\drivers\Npfs.sys [2012-07-26 49152]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\windows\System32\drivers\npsvctrig.sys [2012-07-26 23552]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\windows\system32\drivers\nsiproxy.sys [2012-07-26 34304]
R1 Null;Null; C:\windows\system32\drivers\Null.sys [2012-07-26 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\windows\system32\DRIVERS\pacer.sys [2012-07-26 145408]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\windows\system32\DRIVERS\tdx.sys [2012-07-26 117248]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\windows\system32\DRIVERS\wanarp.sys [2013-05-14 83456]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2012-10-08 138744]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\windows\system32\drivers\luafv.sys [2012-07-26 134144]
R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\windows\system32\drivers\Ndu.sys [2012-07-26 97792]
R2 PEAUTH;PEAUTH; C:\windows\system32\drivers\peauth.sys [2013-05-14 805376]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848]
R2 secdrv;Security Driver; C:\windows\system32\drivers\secdrv.sys [2012-07-26 23040]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\windows\System32\drivers\tcpipreg.sys [2012-07-26 45056]
R3 ACPIVPC;@oem48.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2012-11-16 33560]
R3 AMPPAL;@oem87.inf,%AMPPAL.SVCDESC%;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter; C:\windows\System32\drivers\AMPPAL.sys [2012-11-13 156160]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\windows\system32\DRIVERS\bowser.sys [2012-07-26 101888]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btmaux;@oem47.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2012-08-27 121728]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\windows\System32\drivers\CmBatt.sys [2012-07-26 25600]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\windows\System32\drivers\CompositeBus.sys [2012-07-26 36352]
R3 condrv;Console Driver; C:\windows\System32\drivers\condrv.sys [2012-07-26 33792]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\windows\System32\drivers\dxgkrnl.sys [2013-05-14 1455368]
R3 ETD;@oem41.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-09-05 318800]
R3 fastfat;FAT12/16/32 File System Driver; C:\windows\system32\drivers\fastfat.sys [2012-07-26 210672]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\System32\drivers\HDAudBus.sys [2012-09-20 71168]
R3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\windows\System32\drivers\hidbth.sys [2013-05-14 95744]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\windows\system32\drivers\HTTP.sys [2013-05-14 861184]
R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\windows\System32\drivers\i8042prt.sys [2012-07-26 112640]
R3 ibtfltcoex;ibtfltcoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-10-30 4201104]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\windows\System32\drivers\intelppm.sys [2012-11-06 89088]
R3 iwdbus;@oem83.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2012-11-29 25568]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\windows\System32\drivers\kbdclass.sys [2012-07-26 48368]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432]
R3 ksthunk;Kernel Streaming Thunks; C:\windows\system32\drivers\ksthunk.sys [2012-07-26 21376]
R3 MEIx64;@oem80.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\HECIx64.sys [2013-01-11 64624]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\windows\System32\drivers\monitor.sys [2013-04-09 30720]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\windows\System32\drivers\mouclass.sys [2012-07-26 45808]
R3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\windows\System32\drivers\mouhid.sys [2013-04-09 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\windows\System32\drivers\mpsdrv.sys [2012-10-11 74752]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\windows\system32\DRIVERS\mrxsmb.sys [2013-02-06 370688]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\windows\system32\DRIVERS\mrxsmb20.sys [2013-02-06 215552]
R3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\windows\System32\drivers\mshidumdf.sys [2012-07-26 10752]
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088]
R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880]
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
R3 NDProxy;NDIS Proxy; C:\windows\system32\drivers\NDProxy.sys [2013-05-14 60416]
R3 NETwNe64;@oem86.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2012-11-22 4309032]
R3 Ntfs;Ntfs; C:\windows\system32\drivers\Ntfs.sys [2013-02-02 1933544]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2013-02-14 11060512]
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176]
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608]
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928]
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\windows\System32\drivers\rdpbus.sys [2012-07-26 22528]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2013-04-09 156672]
R3 RTL8168;@oem6.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2012-06-12 683664]
R3 rtsuvc;@oem22.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2012-08-27 8227216]
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\windows\System32\DRIVERS\srv.sys [2012-07-26 416768]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\windows\System32\DRIVERS\srv2.sys [2013-05-14 623104]
R3 srvnet;srvnet; C:\windows\System32\DRIVERS\srvnet.sys [2013-05-14 247808]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\windows\System32\drivers\swenum.sys [2012-07-26 13680]
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504]
R3 UCX01000;USB Controller Extension; C:\windows\System32\drivers\ucx01000.sys [2013-06-01 213248]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\windows\System32\drivers\umbus.sys [2012-07-26 48128]
R3 usb3Hub;@oem84.inf,%usb3Hub.SVCDESC%;USB-IF USB 3.0 Hub; C:\windows\System32\drivers\usb3Hub.sys [2012-11-29 47072]
R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\windows\System32\drivers\usbccgp.sys [2012-07-26 120832]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\windows\System32\drivers\usbehci.sys [2012-09-20 79080]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\windows\System32\drivers\usbhub.sys [2013-02-02 496872]
R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\windows\System32\drivers\UsbHub3.sys [2013-05-04 446720]
R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\windows\System32\drivers\USBXHCI.SYS [2013-06-01 337152]
R3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\windows\System32\drivers\vwifibus.sys [2012-07-26 24064]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 3ware;3ware; C:\windows\System32\drivers\3ware.sys [2012-07-26 106736]
S0 adp94xx;adp94xx; C:\windows\System32\drivers\adp94xx.sys [2012-07-26 492272]
S0 adpahci;adpahci; C:\windows\System32\drivers\adpahci.sys [2012-07-26 340720]
S0 adpu320;adpu320; C:\windows\System32\drivers\adpu320.sys [2012-07-26 184048]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\windows\System32\drivers\agp440.sys [2012-07-26 63216]
S0 amdsata;amdsata; C:\windows\System32\drivers\amdsata.sys [2012-07-26 76016]
S0 amdsbs;amdsbs; C:\windows\System32\drivers\amdsbs.sys [2012-07-26 258288]
S0 amdxata;amdxata; C:\windows\System32\drivers\amdxata.sys [2012-07-26 26352]
S0 arc;arc; C:\windows\System32\drivers\arc.sys [2012-07-26 104688]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\windows\System32\drivers\arcsas.sys [2012-07-26 108272]
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\windows\System32\drivers\atapi.sys [2012-07-26 25840]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\windows\System32\drivers\bxvbda.sys [2012-09-20 533224]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\windows\System32\drivers\evbda.sys [2012-09-20 3265256]
S0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\windows\System32\drivers\EhStorClass.sys [2012-07-26 81136]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904]
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\windows\System32\drivers\gagp30kx.sys [2012-07-26 66800]
S0 HpSAMD;HpSAMD; C:\windows\System32\drivers\HpSAMD.sys [2012-07-26 64752]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\windows\System32\drivers\hwpolicy.sys [2012-07-26 24816]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\windows\System32\drivers\iaStorV.sys [2012-07-26 411888]
S0 iirsp;iirsp; C:\windows\System32\drivers\iirsp.sys [2012-07-26 45296]
S0 intelide;intelide; C:\windows\System32\drivers\intelide.sys [2012-07-26 18672]
S0 isapnp;isapnp; C:\windows\System32\drivers\isapnp.sys [2012-07-26 22256]
S0 LSI_SAS;LSI_SAS; C:\windows\System32\drivers\lsi_sas.sys [2012-07-26 108784]
S0 LSI_SAS2;LSI_SAS2; C:\windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400]
S0 LSI_SCSI;LSI_SCSI; C:\windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976]
S0 LSI_SSS;LSI_SSS; C:\windows\System32\drivers\lsi_sss.sys [2012-07-26 81136]
S0 megasas;megasas; C:\windows\System32\drivers\megasas.sys [2012-07-26 51952]
S0 MegaSR;MegaSR; C:\windows\System32\drivers\MegaSR.sys [2012-07-26 353008]
S0 mvumis;mvumis; C:\windows\System32\drivers\mvumis.sys [2012-07-26 64240]
S0 nfrd960;nfrd960; C:\windows\System32\drivers\nfrd960.sys [2012-07-26 52464]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\windows\System32\drivers\nv_agp.sys [2012-07-26 125168]
S0 nvraid;nvraid; C:\windows\System32\drivers\nvraid.sys [2012-07-26 150256]
S0 nvstor;nvstor; C:\windows\System32\drivers\nvstor.sys [2012-07-26 168176]
S0 pciide;pciide; C:\windows\System32\drivers\pciide.sys [2012-07-26 14064]
S0 pcmcia;pcmcia; C:\windows\System32\drivers\pcmcia.sys [2012-07-26 237808]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\windows\System32\drivers\sbp2port.sys [2012-07-26 107760]
S0 SiSRaid2;SiSRaid2; C:\windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784]
S0 SiSRaid4;SiSRaid4; C:\windows\System32\drivers\sisraid4.sys [2012-07-26 81648]
S0 stexstor;stexstor; C:\windows\System32\drivers\stexstor.sys [2012-07-26 30960]
S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\windows\System32\drivers\storahci.sys [2013-04-09 77544]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160]
S0 storvsc;storvsc; C:\windows\System32\drivers\storvsc.sys [2012-07-26 37992]
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\windows\System32\drivers\uagp35.sys [2012-07-26 65776]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\windows\System32\drivers\uliagpkx.sys [2012-07-26 66800]
S0 viaide;viaide; C:\windows\System32\drivers\viaide.sys [2012-07-26 19184]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\System32\drivers\vmbus.sys [2012-07-26 137832]
S0 vsmraid;vsmraid; C:\windows\System32\drivers\vsmraid.sys [2012-07-26 164080]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\windows\System32\drivers\vstxraid.sys [2012-07-26 322800]
S0 Wd;@wd.inf,%WdServiceDisplayName%;Microsoft Watchdog Timer Driver; C:\windows\System32\drivers\wd.sys [2012-07-26 23792]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\windows\system32\drivers\dam.sys [2012-10-11 58088]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\windows\System32\drivers\1394ohci.sys [2012-07-26 226304]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\windows\System32\drivers\acpipagr.sys [2012-07-26 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\windows\System32\drivers\acpipmi.sys [2012-07-26 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\windows\System32\drivers\acpitime.sys [2012-07-26 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\windows\System32\drivers\amdk8.sys [2012-11-06 90624]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\windows\System32\drivers\amdppm.sys [2012-11-06 88064]
S3 AMPPALP;@oem88.inf,%AMPPALP_Desc%;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-11-13 156160]
S3 AndNetDiag;@oem64.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2012-07-03 29184]
S3 ANDNetModem;@oem66.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2012-07-03 36352]
S3 andnetndis;@oem67.inf,%LgNdis.Service.DispName%;LGE AndroidNet NDIS Ethernet Adapter; C:\windows\system32\DRIVERS\lgandnetndis64.sys [2012-07-04 93184]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\windows\system32\drivers\appid.sys [2012-07-26 79360]
S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\windows\System32\drivers\bthmodem.sys [2012-07-26 65536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2013-04-09 1175040]
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\windows\System32\drivers\circlass.sys [2012-07-26 45056]
S3 dg_ssudbus;@oem55.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 dmvsc;dmvsc; C:\windows\System32\drivers\dmvsc.sys [2012-07-26 33280]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\windows\system32\drivers\drmkaud.sys [2012-10-11 5632]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\windows\System32\drivers\errdev.sys [2012-07-26 10240]
S3 exfat;exFAT File System Driver; C:\windows\system32\drivers\exfat.sys [2012-07-26 194560]
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\windows\System32\drivers\fdc.sys [2012-07-26 30720]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\windows\system32\drivers\filetrace.sys [2012-07-26 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\windows\System32\drivers\flpydisk.sys [2012-07-26 24576]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\windows\System32\drivers\FsDepends.sys [2012-07-26 57584]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\windows\System32\drivers\fxppm.sys [2012-11-06 22528]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\windows\System32\drivers\vmgencounter.sys [2012-07-26 12288]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\windows\System32\Drivers\msgpioclx.sys [2012-09-20 120040]
S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2013-01-09 341504]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\windows\System32\drivers\HidBatt.sys [2012-07-26 27136]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\windows\System32\drivers\hidi2c.sys [2012-11-20 39936]
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\windows\System32\drivers\hidir.sys [2012-07-26 46080]
S3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\windows\System32\drivers\hidusb.sys [2013-05-14 27648]
S3 hyperkbd;hyperkbd; C:\windows\System32\drivers\hyperkbd.sys [2012-07-26 11776]
S3 HyperVideo;HyperVideo; C:\windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576]
S3 intaud_WaveExtensible;@oem82.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2012-11-29 35296]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088]
S3 IPMIDRV;IPMIDRV; C:\windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336]
S3 IPNAT;IP Network Address Translator; C:\windows\System32\drivers\ipnat.sys [2012-07-26 145920]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\windows\system32\drivers\irenum.sys [2012-07-26 17920]
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\windows\System32\drivers\msiscsi.sys [2012-11-06 277736]
S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\windows\System32\drivers\kbdhid.sys [2012-07-26 29184]
S3 Modem;Modem; C:\windows\system32\drivers\modem.sys [2012-07-26 40448]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\windows\system32\drivers\mrxdav.sys [2012-07-26 141312]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2012-07-26 129536]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2012-07-26 6912]
S3 MsRPC;MsRPC; C:\windows\system32\drivers\MsRPC.sys [2012-07-26 390896]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2012-07-26 8192]
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\windows\System32\drivers\MTConfig.sys [2012-07-26 14848]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464]
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\windows\System32\drivers\parport.sys [2012-07-26 105984]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\windows\System32\drivers\processr.sys [2012-11-06 87552]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\windows\system32\drivers\qwavedrv.sys [2012-07-26 46592]
S3 RasAcd;Remote Access Auto Connection Driver; C:\windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384]
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\windows\System32\drivers\rdpdr.sys [2012-07-26 179712]
S3 RDPWD;RDP Winstation Driver; C:\windows\system32\drivers\RDPWD.sys [2012-07-26 208384]
S3 RSUSBVSTOR;@oem7.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2012-06-13 315536]
S3 s3cap;s3cap; C:\windows\System32\drivers\vms3cap.sys [2012-07-26 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864]
S3 sdbus;sdbus; C:\windows\System32\drivers\sdbus.sys [2013-06-01 194816]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\windows\System32\drivers\sdstor.sys [2012-10-11 56552]
S3 SerCx;Serial UART Support Library; C:\windows\system32\drivers\SerCx.sys [2012-07-26 62976]
S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\windows\System32\drivers\serenum.sys [2012-07-26 23040]
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\windows\System32\drivers\serial.sys [2012-07-26 76800]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\windows\System32\drivers\sermouse.sys [2012-07-26 27136]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\windows\System32\drivers\sfloppy.sys [2012-07-26 16896]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\windows\system32\drivers\SpbCx.sys [2012-07-26 59392]
S3 ssudmdm;@oem58.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 ssudobex;@oem56.inf,%ssud.Service.Name%;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudobex.sys [2013-02-06 203544]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\windows\system32\DRIVERS\tcpip.sys [2013-07-09 2233168]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\windows\System32\drivers\terminpt.sys [2012-07-26 36592]
S3 TPM;@tpm.inf,%TPM%;TPM; C:\windows\system32\drivers\tpm.sys [2013-04-09 148712]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-07-26 57344]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\windows\System32\drivers\uaspstor.sys [2012-07-26 97008]
S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\windows\System32\drivers\umpass.sys [2012-07-26 11776]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\windows\System32\drivers\usbcir.sys [2012-07-26 99328]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\windows\System32\drivers\usbohci.sys [2012-11-20 27136]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\windows\System32\drivers\usbprint.sys [2012-07-26 25600]
S3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\windows\System32\drivers\USBSTOR.SYS [2012-07-26 119024]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\System32\drivers\usbuhci.sys [2012-09-20 32256]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2012-09-20 210304]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\windows\system32\drivers\VerifierExt.sys [2012-07-26 106224]
S3 vhdmp;vhdmp; C:\windows\System32\drivers\vhdmp.sys [2013-04-09 495336]
S3 VMBusHID;VMBusHID; C:\windows\System32\drivers\VMBusHID.sys [2012-07-26 22144]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\windows\System32\drivers\vpci.sys [2012-07-26 67824]
S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\windows\System32\drivers\wacompen.sys [2012-07-26 27008]
S3 Wanarp;@%systemroot%\system32\rascfg.dll,-32011; C:\windows\system32\DRIVERS\wanarp.sys [2013-05-14 83456]
S3 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\windows\system32\drivers\WdBoot.sys [2013-07-02 36288]
S3 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\windows\system32\drivers\WdFilter.sys [2013-07-02 247216]
S3 WIMMount;WIMMount; C:\windows\system32\drivers\wimmount.sys [2012-07-26 33520]
S4 cdfs;CD/DVD File System Reader; C:\windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544]
S4 udfs;udfs; C:\windows\system32\DRIVERS\udfs.sys [2012-07-26 321024]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-11-13 755240]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-15 135984]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DcomLaunch;@combase.dll,-5012; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-11-26 1329304]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 EventSystem;@comres.dll,-2450; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 gpsvc;@gpapi.dll,-112; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-21 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 277824]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2013-02-14 884512]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-19 75136]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-09-25 149296]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 RpcSs;@combase.dll,-5010; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\windows\system32\lsass.exe [2012-09-20 35840]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\windows\System32\spoolsv.exe [2012-07-26 769024]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 365376]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\windows\system32\svchost.exe [2012-09-20 29696]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\windows\system32\lsass.exe [2012-09-20 35840]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\windows\System32\svchost.exe [2012-09-20 29696]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-14 1260320]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\windows\system32\sppsvc.exe [2012-07-26 4881408]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\windows\System32\alg.exe [2012-07-26 94208]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 COMSysApp;@comres.dll,-947; C:\windows\system32\dllhost.exe [2012-07-26 10752]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-12-19 277640]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\windows\System32\lsass.exe [2012-09-20 35840]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\windows\system32\fxssvc.exe [2012-07-26 669696]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-02-05 651720]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16 116648]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 KeyIso;@keyiso.dll,-100; C:\windows\system32\lsass.exe [2012-09-20 35840]
S3 KtmRm;@comres.dll,-2946; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MSDTC;@comres.dll,-2797; C:\windows\System32\msdtc.exe [2012-07-26 144384]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\windows\system32\msiexec.exe [2012-07-26 124416]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-09-25 272176]
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\windows\system32\locator.exe [2012-07-26 9728]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\windows\servicing\TrustedInstaller.exe [2013-05-16 98304]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\windows\system32\UI0Detect.exe [2012-07-26 40960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\windows\System32\vds.exe [2013-06-01 680960]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\windows\system32\vssvc.exe [2013-05-04 1483776]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\windows\system32\wbengine.exe [2012-07-26 1616896]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\windows\system32\svchost.exe [2012-09-20 29696]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\windows\System32\svchost.exe [2012-09-20 29696]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\windows\system32\lsass.exe [2012-09-20 35840]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\windows\System32\svchost.exe [2012-09-20 29696]
S4 RemoteRegistry;@regsvc.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\windows\System32\snmptrap.exe [2012-07-26 14848]
S4 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\windows\system32\svchost.exe [2012-09-20 29696]
S4 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\windows\System32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu po odinstalovani bordelu

#3 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mistery
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 31 říj 2010 18:42

Re: Kontrola logu po odinstalovani bordelu

#4 Příspěvek od mistery »

Log z OTL.txt:

OTL logfile created on: 30.8.2013 12:55:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Miroslav\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

7,86 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 73,72% Memory free
15,86 Gb Paging File | 13,69 Gb Available in Paging File | 86,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 884,18 Gb Total Space | 739,07 Gb Free Space | 83,59% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 21,95 Gb Free Space | 87,81% Space Free | Partition Type: NTFS

Computer Name: MISTERY-NB | User Name: Miroslav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.08.30 12:50:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
PRC - [2013.08.24 19:49:56 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.07.28 11:34:55 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Miroslav\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2013.01.19 21:31:34 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.11.26 14:34:12 | 001,329,304 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012.09.20 07:55:29 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2012.09.06 14:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.09.01 18:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.09.01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.08.27 18:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.07.27 21:52:44 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2012.07.23 23:57:24 | 000,673,336 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
PRC - [2012.07.18 00:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.18 00:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.06.25 20:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012.03.29 04:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (No Company Name) ==========

MOD - [2013.08.24 19:49:53 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppgooglenaclpluginchrome.dll
MOD - [2013.08.24 19:49:51 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll
MOD - [2013.08.24 19:49:01 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libglesv2.dll
MOD - [2013.08.24 19:49:00 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\libegl.dll
MOD - [2013.08.24 19:48:58 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
MOD - [2013.08.19 07:50:19 | 002,959,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6c91ea2e73f76025bbd03f0db7b0951a\System.IdentityModel.ni.dll
MOD - [2013.08.19 07:49:38 | 000,366,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\ddbdad196d6ec27aca38e6e7b05a117b\IAStorUtil.ni.dll
MOD - [2013.08.19 07:49:33 | 000,802,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d438e7ec4899763070e7b5db3f166373\System.ServiceModel.Internals.ni.dll
MOD - [2013.08.19 07:49:33 | 000,121,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3df2fdd27a3e685ce5dda8bce4956e5b\SMDiagnostics.ni.dll
MOD - [2013.08.16 10:45:50 | 001,075,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\1b00485b37f0c4fccca7911fd9ded2fd\System.ServiceModel.Web.ni.dll
MOD - [2013.08.16 10:43:12 | 007,566,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013.08.16 10:43:06 | 001,880,576 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013.08.16 10:43:04 | 012,698,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3143512c68ba24d18b7444b13fae2abb\System.Windows.Forms.ni.dll
MOD - [2013.08.16 10:42:57 | 019,537,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\ff5e9ab48d262357d4c44a6d5be4bced\System.ServiceModel.ni.dll
MOD - [2013.08.16 10:42:46 | 002,786,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\945ba6fe50e8eb0db17d47f899d5f6c4\System.Runtime.Serialization.ni.dll
MOD - [2013.08.16 10:42:43 | 001,631,744 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013.08.16 10:42:38 | 000,964,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\19ecec839509af76b1bc0ccbabd60acd\System.Configuration.ni.dll
MOD - [2013.08.16 10:42:37 | 000,467,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013.08.16 10:42:36 | 018,545,152 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
MOD - [2013.08.16 10:42:26 | 010,926,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
MOD - [2013.08.16 10:42:20 | 003,910,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8ff5be01c9600b28d3e41db3dbafc840\WindowsBase.ni.dll
MOD - [2013.08.16 10:42:17 | 006,998,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\acf905c62ab9c1b77ca69e8b745e3fdb\System.Core.ni.dll
MOD - [2013.08.16 10:42:12 | 009,937,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013.08.03 02:05:59 | 000,189,952 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\1f8e89f1344171031271d80ff21366ec\UIAutomationTypes.ni.dll
MOD - [2013.08.03 02:05:55 | 000,029,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\e95ff740f4c52eca60af5d2a3fd8cf2f\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013.08.03 02:05:52 | 000,026,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\3baf6eefe8ca1de3ae7111a70e477255\IAStorCommon.ni.dll
MOD - [2013.07.10 20:25:02 | 016,547,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2013.07.02 02:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.06.01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.05.14 23:18:15 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.04.09 20:51:35 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.04.09 20:51:35 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.11.26 14:34:12 | 001,329,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2012.11.13 08:25:42 | 000,755,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.09.25 02:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.09.25 02:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.09.25 02:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.08.15 14:09:30 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.04.21 00:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.02.14 03:44:10 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.05 22:52:59 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.01.19 21:31:34 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.19 08:09:24 | 000,277,640 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.09.06 14:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.09.01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.08.27 18:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.18 00:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.18 00:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.06.25 20:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.04.24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012.01.05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.07.02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.07.02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.06.01 13:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.06.01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.06.01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.06.01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.04.09 20:51:30 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.04.09 20:51:29 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.04.09 20:51:29 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.02.14 03:44:10 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.02.06 07:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudobex.sys -- (ssudobex)
DRV:64bit: - [2013.02.06 07:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.02.06 07:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.01.17 01:24:33 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013.01.11 19:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.12.14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.11.29 15:27:36 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.11.29 15:27:36 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.11.29 15:27:34 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.11.29 15:27:34 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.22 13:18:58 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.16 14:34:46 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012.11.16 14:34:46 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2012.11.13 08:22:16 | 000,156,160 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.11.13 08:22:16 | 000,156,160 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.08 09:21:08 | 000,149,592 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.10.08 09:21:08 | 000,138,744 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012.10.08 09:21:06 | 000,211,344 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.05 05:30:20 | 000,318,800 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012.09.01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.29 18:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.08.27 18:48:12 | 000,121,728 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012.08.27 09:48:34 | 008,227,216 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2012.08.06 21:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.04 13:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2012.07.03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012.07.03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012.06.19 16:40:51 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.06.14 03:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2012.06.13 12:24:02 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012.06.12 15:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.06.02 16:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012.06.02 16:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {28687A87-7A66-412A-A7AF-32F572833906}
IE:64bit: - HKLM\..\SearchScopes\{28687A87-7A66-412A-A7AF-32F572833906}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {28687A87-7A66-412A-A7AF-32F572833906}
IE - HKLM\..\SearchScopes\{28687A87-7A66-412A-A7AF-32F572833906}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MALNJS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\..\SearchScopes,DefaultScope = {28687A87-7A66-412A-A7AF-32F572833906}
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Miroslav\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Miroslav\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Miroslav\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Miroslav\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Miroslav\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Miroslav\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013.08.29 13:50:48 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - Extension: Dokumenty Google = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Zen Spring = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccigcodfkejfabfbepnfoddhnlmimgo\1.0_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtsFT] C:\windows\RTFTrack.exe (Realtek semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe (Microsoft)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3100529577-210449043-3099969227-1002..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-3100529577-210449043-3099969227-1002..\Run: [Facebook Update] C:\Users\Miroslav\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Prevést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést cíl vazby do existujícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Prevést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Pridat do stávajícího PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{480E19DE-7DC5-4891-ACF5-C92628695291}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FA26810-0018-4B21-BD25-27344B80EC78}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9340FDA-67EA-4EB8-B49F-B0027B900767}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{14597096-c6fd-11e2-bea7-6036dd43ce79}\Shell - "" = AutoRun
O33 - MountPoints2\{14597096-c6fd-11e2-bea7-6036dd43ce79}\Shell\AutoRun\command - "" = "G:\LGAutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.08.30 12:50:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
[2013.08.30 10:59:05 | 000,000,000 | ---D | C] -- C:\rsit
[2013.08.29 11:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013.08.29 10:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.08.27 16:19:29 | 000,000,000 | ---D | C] -- C:\Users\Miroslav\AppData\Roaming\Mozilla
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.08.30 12:57:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.08.30 12:50:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miroslav\Desktop\OTL.exe
[2013.08.30 12:49:37 | 000,850,046 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.08.30 12:49:37 | 000,711,282 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.08.30 12:49:37 | 000,133,150 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.08.30 11:07:00 | 000,000,966 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA1ce50e6947643e6.job
[2013.08.30 10:58:26 | 000,832,273 | ---- | M] () -- C:\Users\Miroslav\Desktop\RSITx64.exe
[2013.08.29 11:54:54 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.08.29 11:54:49 | 2455,777,279 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.29 11:40:00 | 000,000,940 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core.job
[2013.08.29 11:10:21 | 000,000,378 | ---- | M] () -- C:\Users\Miroslav\Documents\cc_20130829_111015.reg
[2013.08.29 11:09:51 | 000,001,802 | ---- | M] () -- C:\Users\Miroslav\Documents\cc_20130829_110946.reg
[2013.08.29 11:09:17 | 000,077,742 | ---- | M] () -- C:\Users\Miroslav\Documents\cc_20130829_110900.reg
[2013.08.29 10:33:28 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.08.30 12:57:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.08.30 10:58:19 | 000,832,273 | ---- | C] () -- C:\Users\Miroslav\Desktop\RSITx64.exe
[2013.08.29 11:10:19 | 000,000,378 | ---- | C] () -- C:\Users\Miroslav\Documents\cc_20130829_111015.reg
[2013.08.29 11:09:49 | 000,001,802 | ---- | C] () -- C:\Users\Miroslav\Documents\cc_20130829_110946.reg
[2013.08.29 11:09:13 | 000,077,742 | ---- | C] () -- C:\Users\Miroslav\Documents\cc_20130829_110900.reg
[2013.08.29 10:33:28 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.08.03 02:08:27 | 000,857,144 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013.06.17 21:11:25 | 000,000,001 | ---- | C] () -- C:\windows\SysWow64\SI.bin
[2013.01.19 21:31:35 | 000,189,248 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013.01.19 21:31:34 | 000,075,136 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2013.01.19 21:31:32 | 003,123,272 | R--- | C] () -- C:\windows\SysWow64\pbsvc.exe
[2013.01.17 01:56:58 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013.01.17 01:56:18 | 000,007,609 | ---- | C] () -- C:\Users\Miroslav\AppData\Local\Resmon.ResmonCfg
[2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.12.14 02:42:24 | 000,754,652 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012.12.14 02:42:24 | 000,598,384 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012.11.16 14:31:20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | ---- | C] () -- C:\windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012.07.25 22:22:56 | 000,267,284 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012.07.25 22:22:54 | 000,963,376 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012.04.20 23:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013.01.17 11:01:17 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.05.14 23:08:58 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.05.14 23:08:57 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.04.08 18:37:48 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013.04.08 18:37:48 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013.05.19 18:24:32 | 000,000,000 | ---D | M] -- C:\Users\Katarína\AppData\Roaming\IObit
[2013.04.13 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Hive Cluster
[2013.03.28 22:49:59 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\IObit
[2013.01.19 20:06:06 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Lenovo
[2013.07.27 20:12:43 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Red Alert 3
[2013.01.19 21:48:40 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Theta
[2013.05.20 20:19:37 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Ubisoft
[2013.01.19 20:08:09 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\WebApp

========== Purity Check ==========



========== Custom Scans ==========

< >
[2012.07.26 09:22:10 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2013.05.14 23:04:10 | 000,000,966 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA1ce50e6947643e6.job
[2013.05.27 18:28:24 | 000,000,928 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005Core.job
[2013.07.07 09:53:53 | 000,000,980 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
[2013.07.12 00:07:13 | 000,000,962 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore1ce7e82ff658359.job
[2013.07.12 17:37:42 | 000,000,928 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core1ce7f15bfd2cbcc.job
[2013.07.16 08:08:30 | 000,000,980 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005UA1ce81eae54976b4.job
[2013.07.28 11:35:02 | 000,000,940 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core.job
[2013.07.28 11:35:02 | 000,000,962 | ---- | C] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
Nahoru
mistery
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 31 říj 2010 18:42

Re: Kontrola logu po odinstalovani bordelu

#5 Příspěvek od mistery »

pokracovanie...

< >

< MD5 for: ATAPI.SYS >
[2012.07.26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\SysNative\drivers\atapi.sys
[2012.07.26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012.07.26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012.07.26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012.07.26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012.07.26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2013.06.16 11:50:32 | 000,040,790 | ---- | M] () MD5=1F5DFA4DFAF766550980A2FF44548697 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2013.06.25 22:07:16 | 000,000,619 | ---- | M] () MD5=227AF714FB4AF4835C57EEE88F715C08 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe
[2013.05.15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013.05.15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2013.06.25 22:07:15 | 000,034,714 | ---- | M] () MD5=A1CB427ED8FF14D008AB55C5B2990AF6 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2013.06.16 11:50:36 | 000,000,596 | ---- | M] () MD5=B9AB1CBFB7ABE5A6E8E70427465F166B -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2013.05.15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\windows\SysNative\autochk.exe
[2013.05.15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe

< MD5 for: CDROM.SYS >
[2012.07.26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\windows\SysNative\drivers\cdrom.sys
[2012.07.26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012.07.26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2013.06.01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013.06.01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2013.07.13 16:46:25 | 000,190,101 | ---- | M] () MD5=2CB0B695DF1962A892321A553AEBE0FA -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2013.07.13 16:46:21 | 000,191,911 | ---- | M] () MD5=3341FB917B3F9D2AAE2C8253C4783CDE -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2013.07.13 12:02:43 | 000,217,360 | ---- | M] () MD5=373313B9E44A97F98CFA4CF729BC81CF -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2013.06.16 12:03:48 | 000,188,441 | ---- | M] () MD5=496C5A35B86FF9FD6E98E3DBA685C0AC -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013.06.25 21:16:36 | 000,004,958 | ---- | M] () MD5=886DBACDA0C17214263917696792F923 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013.07.13 12:02:29 | 000,220,310 | ---- | M] () MD5=8CEAB77BBC3A6CDB7E528BA60130131F -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2013.06.16 12:03:50 | 000,003,739 | ---- | M] () MD5=D298846CD2FB903E38A2C223A19A0DB0 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2013.06.25 21:16:33 | 000,145,657 | ---- | M] () MD5=E18410BDBE22147EB3C4A3876830341D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2013.06.01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013.06.01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe

< MD5 for: HAL.DLL >
[2013.06.16 12:04:28 | 000,011,988 | ---- | M] () MD5=099BE8332779D2783DFF9FC6EEE97F2F -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16384_none_03f29a08e36e6d4c\hal.dll
[2013.06.16 12:04:29 | 000,008,477 | ---- | M] () MD5=223274C3FF92A8E92A859D6F4DE81B0C -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16405_none_044a1b98e32ca442\hal.dll
[2013.06.16 12:04:30 | 000,001,298 | ---- | M] () MD5=5337075B4B7EEA12E316D4F63CB2BABB -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16420_none_042f7a4ee3415d71\hal.dll
[2013.06.16 12:04:30 | 000,002,020 | ---- | M] () MD5=5B2E063A4F4B9AECB554BA56670B6273 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20544_none_04a77869fc6b9a79\hal.dll
[2013.06.16 12:04:30 | 000,001,310 | ---- | M] () MD5=8759A5F1C6301AAA11F4F75462854A58 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20521_none_04ba1763fc5e1692\hal.dll
[2013.06.16 12:04:29 | 000,012,277 | ---- | M] () MD5=DEF24F3AFF18C79E087FF9D9F783E66A -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16399_none_03eccb8ee37207f0\hal.dll
[2012.10.24 06:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\windows\SysNative\hal.dll
[2012.10.24 06:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16442_none_041bdb0ae34fc801\hal.dll

< MD5 for: SCECLI.DLL >
[2012.07.26 05:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\windows\SysNative\scecli.dll
[2012.07.26 05:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[2012.07.26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\SysWOW64\scecli.dll
[2012.07.26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll

< MD5 for: SERVICES.EXE >
[2012.09.20 08:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\windows\SysNative\services.exe
[2012.09.20 08:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_981f4d19863a6591\services.exe
[2013.06.25 20:38:50 | 000,001,252 | ---- | M] () MD5=D009DC018D49642999148BB1343DF0DC -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.20521_none_98a9ea2e9f571eb2\services.exe
[2013.06.25 20:38:44 | 000,038,189 | ---- | M] () MD5=D88F8C21842447E60DBCF361772C1D52 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe

< MD5 for: SVCHOST.EXE >
[2013.06.25 20:43:35 | 000,002,873 | ---- | M] () MD5=0946817BB7D3B7F5F707CEBF079641DF -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[2013.06.25 22:19:17 | 000,003,208 | ---- | M] () MD5=22DC85C667EFF39E06521EE95F0BB45D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2013.06.25 22:19:17 | 000,000,583 | ---- | M] () MD5=68ED76ADF096A8A3BCABD56DD98A349A -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe
[2013.06.25 20:43:36 | 000,000,609 | ---- | M] () MD5=717AEB1F0EDBCA980878F1828635834A -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[2012.09.20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe
[2012.09.20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2012.09.20 08:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\windows\SysNative\svchost.exe
[2012.09.20 08:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe

< MD5 for: TCPIP.SYS >
[2013.08.22 10:30:08 | 000,374,013 | ---- | M] () MD5=06719FAEC2FB2AB3A2F8B5311B30433A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16399_none_0be1eb3cf02e1191\tcpip.sys
[2013.07.09 08:07:17 | 002,233,168 | ---- | M] (Microsoft Corporation) MD5=1794C43A000A47D92B3304FC1E3E512A -- C:\windows\SysNative\drivers\tcpip.sys
[2013.07.09 08:07:17 | 002,233,168 | ---- | M] (Microsoft Corporation) MD5=1794C43A000A47D92B3304FC1E3E512A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16659_none_0c0d309ef00d9942\tcpip.sys
[2013.08.22 10:30:11 | 000,372,358 | ---- | M] () MD5=3D106C51FC729C842B24684E4C60D150 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_0c2499fceffd6712\tcpip.sys
[2013.08.22 10:30:26 | 000,370,651 | ---- | M] () MD5=3F994086D867A7FFB3650DFF23D1FBC3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_0cb1398c09185008\tcpip.sys
[2013.08.22 10:30:17 | 000,253,079 | ---- | M] () MD5=4CF1C2541B9817958020DC5545C1D4FC -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16548_none_0c16fe5af00666d3\tcpip.sys
[2013.08.22 10:30:14 | 000,370,651 | ---- | M] () MD5=56A7C67F3500CFAB58F51B15A621AA1D -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_0c376e1eefee1300\tcpip.sys
[2013.08.22 10:30:04 | 000,370,211 | ---- | M] () MD5=5AFBC9F78ABB97DDAAC2DD2F01764DF4 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_0be7b9b6f02a76ed\tcpip.sys
[2013.08.22 10:30:29 | 000,369,579 | ---- | M] () MD5=695074249DF8570E343266CE1A1EA6F2 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20652_none_0c8fc97e09318a84\tcpip.sys
[2013.08.22 10:30:23 | 000,372,354 | ---- | M] () MD5=C9D9B8E5545EE072BD23B1D876022821 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_0caf3712091a2033\tcpip.sys
[2013.07.13 12:08:02 | 000,360,561 | ---- | M] () MD5=E831DB488B8852CBEE0DDE1472514EC2 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20733_none_0ca66b8609206920\tcpip.sys
[2013.08.22 10:30:20 | 000,225,794 | ---- | M] () MD5=EB34B6BAAEC448A94D5E9BAD7BDE46CC -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16628_none_0c2ca018eff62c18\tcpip.sys
[2013.08.22 10:30:32 | 000,354,834 | ---- | M] () MD5=FAFD2EFEE36DB1BD2EB80BAA4228C847 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20767_none_0c89fcea0935224f\tcpip.sys

< MD5 for: USERINIT.EXE >
[2012.07.26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\windows\SysNative\userinit.exe
[2012.07.26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012.07.26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012.07.26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.06.25 21:02:30 | 000,053,884 | ---- | M] () MD5=1052677741F46044E698ADE5754FA2B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2013.06.25 21:02:29 | 000,053,876 | ---- | M] () MD5=38A21E93E74A93A99457E1C2E218A8B7 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2013.06.25 21:02:30 | 000,001,620 | ---- | M] () MD5=79D48ACA8E919C4442A141CF41330893 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2012.10.11 07:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\windows\SysNative\winlogon.exe
[2012.10.11 07:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2013.06.25 21:02:28 | 000,053,889 | ---- | M] () MD5=EB77A9AC52B19C1E399C7D0FE96FC83F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Inf\Intel Storage Counters\*.tmp files -> C:\windows\Inf\Intel Storage Counters\*.tmp -> ]
[1 C:\windows\Inf\Intel Storage Counters\0000\*.tmp files -> C:\windows\Inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\windows\Inf\Intel Storage Counters\0009\*.tmp files -> C:\windows\Inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\windows\Inf\Intel Storage Counters\001B\*.tmp files -> C:\windows\Inf\Intel Storage Counters\001B\*.tmp -> ]
[2 C:\windows\Panther\*.tmp files -> C:\windows\Panther\*.tmp -> ]
[4 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
[1 C:\windows\WinSxS\*.tmp files -> C:\windows\WinSxS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.02.05 23:08:30 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Adobe
[2013.05.14 22:53:04 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Apple Computer
[2013.01.19 20:06:04 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\CyberLink
[2013.04.13 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Hive Cluster
[2013.04.11 21:06:24 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\InstallShield
[2013.08.03 01:21:28 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Intel
[2013.08.03 02:08:32 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Intel Corporation
[2013.08.03 01:41:44 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Intel WiDi
[2013.03.28 22:49:59 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\IObit
[2013.01.19 20:06:06 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Lenovo
[2013.01.16 21:13:08 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Macromedia
[2013.07.02 18:56:19 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Malwarebytes
[2013.08.28 16:30:03 | 000,000,000 | --SD | M] -- C:\Users\Miroslav\AppData\Roaming\Microsoft
[2013.08.27 16:19:29 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Mozilla
[2013.02.20 22:15:10 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\NVIDIA
[2013.07.27 20:12:43 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Red Alert 3
[2013.01.19 21:48:40 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Theta
[2013.05.20 20:19:37 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\Ubisoft
[2013.01.19 20:08:09 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\WebApp
[2013.01.17 23:03:45 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.08.29 11:40:00 | 000,000,940 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core.job
[2013.07.28 11:35:02 | 000,000,962 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
[2013.07.12 00:07:13 | 000,000,962 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore1ce7e82ff658359.job
[2013.08.30 13:07:00 | 000,000,966 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA1ce50e6947643e6.job
[2013.07.12 17:37:43 | 000,000,928 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core1ce7f15bfd2cbcc.job
[2013.07.07 09:53:53 | 000,000,980 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
[2013.08.19 08:13:00 | 000,000,928 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005Core.job
[2013.07.16 08:08:31 | 000,000,980 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005UA1ce81eae54976b4.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.08.29 11:57:36 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AlcoholAutomount" = "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2012.01.05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team)
"OfficeSyncProcess" = "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" -- [2012.01.20 22:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2013.05.14 23:04:02 | 000,116,648 | ---- | M] (Google Inc.)
"Facebook Update" = "C:\Users\Miroslav\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.07.28 11:34:55 | 000,138,096 | ---- | M] (Facebook Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.07.26 05:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.08.24 19:49:56 | 000,829,392 | ---- | M] (Google Inc.) MD5=8E436BD0D9C2CB57306070DFEA3D4513 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.08.30 12:57:02 | 000,000,512 | ---- | M] () MD5=A3FD721B07F87DC5FFD073D2779AAFBC -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2009.02.13 12:59:54 | 000,002,646 | ---- | M] () -- \Program Files (x86)\1C Company\King's Bounty Crossworlds\editor\thumbnails\th_cave1_crack1.png
[2009.02.13 12:59:26 | 000,001,684 | ---- | M] () -- \Program Files (x86)\1C Company\King's Bounty Crossworlds\editor\thumbnails\th_cave1_crack2.png
[2009.02.13 12:59:58 | 000,002,006 | ---- | M] () -- \Program Files (x86)\1C Company\King's Bounty Crossworlds\editor\thumbnails\th_cave1_crack3.png
[2007.06.13 16:01:48 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2007.06.13 16:01:48 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2007.06.13 16:01:50 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2007.06.13 16:01:50 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2007.06.13 16:01:50 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2007.06.13 16:01:48 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2007.06.13 16:01:48 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2007.06.13 16:01:50 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2007.06.13 16:01:46 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2007.06.13 16:01:46 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2007.06.13 16:01:48 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2007.06.13 16:01:10 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2007.06.13 16:01:12 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2007.06.13 16:01:10 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2007.06.13 16:01:12 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2007.06.13 16:01:10 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2007.06.13 16:01:12 | 000,017,490 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2007.06.13 16:10:44 | 000,017,491 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapTile\MapObjects\_(AdvMapTile)\Sand\Sand_Cracked

< *keygen* /s >

< *loader* /s >
[2008.03.18 08:31:00 | 000,009,216 | R--- | M] () -- \Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\AutoCAD\OD\AecDummyLoader_2.05_8.dll
[2009.05.23 03:38:52 | 000,061,952 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2009.05.22 22:27:34 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.05.26 03:47:16 | 000,126,064 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PK\Koan\pyloader.dll
[2012.05.26 03:47:16 | 000,028,238 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012.05.26 03:47:16 | 000,121,968 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2012.05.18 08:15:48 | 000,010,781 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2012.05.18 08:15:50 | 000,003,492 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\widget\langloader.kc
[2012.05.18 08:15:50 | 000,013,453 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\widget\layoutloader.kc
[2012.08.01 03:15:46 | 000,010,775 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2012.08.01 03:15:48 | 000,003,567 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2012.08.01 03:15:48 | 000,013,369 | ---- | M] () -- \Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2012.08.03 20:36:42 | 000,127,504 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\Koan\pyloader.dll
[2012.07.27 21:52:42 | 000,020,119 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2012.07.27 21:52:42 | 000,232,560 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2012.07.24 20:28:46 | 000,167,720 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderC3S.dll
[2012.07.24 20:28:46 | 002,525,480 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2012.11.01 09:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.01 09:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.05.21 14:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.09.04 23:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012.10.17 11:13:16 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.10.17 11:10:06 | 000,292,352 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.07.26 09:54:36 | 000,039,485 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2013.01.16 22:43:02 | 000,032,157 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2013.01.17 23:53:27 | 000,000,489 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.6.4.30605_x86__8wekyb3d8bbwe\ApplicationLoader.xaml
[2013.01.17 23:54:33 | 000,001,942 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.6.4.30605_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xaml
[2013.07.27 01:07:22 | 000,012,800 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe\HotspotUploader.dll
[2012.07.26 09:53:30 | 000,002,809 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012.07.26 09:53:31 | 000,001,583 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012.07.26 09:53:31 | 000,001,711 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012.07.26 09:53:31 | 000,002,509 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012.07.26 09:53:32 | 000,002,394 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012.07.26 09:53:32 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2013.03.30 09:22:41 | 000,002,089 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2013.03.30 09:23:05 | 000,001,326 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2013.01.16 22:49:20 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2013.03.30 09:23:05 | 000,002,552 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2013.03.30 09:23:11 | 000,001,915 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2013.03.30 09:23:14 | 000,005,019 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2013.03.30 09:22:41 | 000,002,089 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2013.03.30 09:23:05 | 000,001,326 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2013.01.16 22:49:20 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2013.03.30 09:23:05 | 000,002,552 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2013.03.30 09:23:11 | 000,001,915 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2013.03.30 09:23:14 | 000,005,019 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012.07.26 09:54:33 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.05.02 20:45:13 | 000,046,874 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012.07.26 09:54:09 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.05.17 20:35:05 | 000,053,549 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.3.59.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.05.17 20:35:05 | 000,053,549 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012.07.26 09:54:17 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.05.17 20:35:11 | 000,053,549 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.3.59.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.08.15 19:21:32 | 000,053,822 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.41.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012.06.09 20:19:37 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.03.21 22:24:36 | 000,005,474 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2013.03.21 22:24:36 | 000,005,474 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2013.08.29 11:16:55 | 000,002,942 | ---- | M] () -- \Users\Miroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5UIUPSO8\rmsloaderdelayed[1].js
[2013.08.29 11:18:43 | 000,035,161 | ---- | M] () -- \Users\Miroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D61DUIHN\loader.cxp[1].js
[2013.07.27 21:44:57 | 000,042,496 | ---- | M] () -- \Users\Miroslav\AppData\Local\Packages\Microsoft.NetworkSpeedTest_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\HotspotUploader\05cef95184664ab3962664fb242168a5\HotspotUploader.ni.dll
[2013.07.27 21:44:57 | 000,002,484 | ---- | M] () -- \Users\Miroslav\AppData\Local\Packages\Microsoft.NetworkSpeedTest_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\HotspotUploader\05cef95184664ab3962664fb242168a5\HotspotUploader.ni.dll.aux
[2013.08.21 13:23:51 | 000,042,496 | ---- | M] () -- \Users\Miroslav\AppData\Local\Packages\Microsoft.NetworkSpeedTest_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\HotspotUploader\d3741e473f370fbe3c2f11222d72b2cc\HotspotUploader.ni.dll
[2013.08.21 13:23:51 | 000,002,484 | ---- | M] () -- \Users\Miroslav\AppData\Local\Packages\Microsoft.NetworkSpeedTest_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\HotspotUploader\d3741e473f370fbe3c2f11222d72b2cc\HotspotUploader.ni.dll.aux
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.07.26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2012.07.26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2012.07.26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.07.26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2012.07.26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2012.07.26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012.07.26 06:53:16 | 001,084,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.efi
[2012.07.26 06:53:16 | 000,998,128 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.exe
[2012.10.11 10:42:55 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.efi
[2012.10.11 10:42:55 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.exe
[2013.04.09 20:51:35 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.efi
[2013.04.09 20:51:35 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.exe
[2013.04.09 20:51:35 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.efi
[2013.05.14 23:18:06 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.exe
[2013.06.01 14:02:14 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.efi
[2013.06.01 14:02:14 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.exe
[2012.10.11 09:29:20 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.efi
[2012.10.11 09:29:20 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.exe
[2013.04.09 20:51:34 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.efi
[2013.04.09 20:51:34 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.exe
[2013.04.09 20:51:34 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.efi
[2013.05.14 23:18:05 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.exe
[2013.06.01 14:49:37 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.efi
[2013.06.01 14:49:37 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.exe
[2012.07.26 05:05:30 | 000,047,616 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_9ebdc35619670551\dmloader.dll
[2012.07.26 04:35:54 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.26 04:35:54 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-1.dll
[2012.07.26 04:35:58 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-stringloader-l1-1-0.dll
[2012.07.26 09:50:59 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012.07.26 09:50:59 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.efi.mui_35ee487d
[2012.07.26 09:50:59 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.exe.mui_3bc5b827
[2012.07.26 09:50:59 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.efi.mui_f412814e
[2012.07.26 09:50:59 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.exe.mui_ff8b5358
[2013.07.10 22:50:13 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2013.07.10 22:50:13 | 001,403,296 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.efi_75834aa0
[2013.07.10 22:50:13 | 001,271,584 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.exe_75835076
[2013.07.10 22:50:13 | 001,217,352 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.efi_85cd069f
[2013.07.10 22:50:13 | 001,093,904 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.exe_85cd1215
[2012.07.26 10:11:35 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2012.07.26 09:49:33 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012.07.26 07:00:58 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16384_none_b3f06196f66b163f.manifest
[2012.09.01 10:42:05 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16409_none_b44be44ef625b291.manifest
[2012.09.20 10:33:02 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16420_none_b42d41dcf63e0664.manifest
[2012.10.11 09:33:59 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_b42572cef6436e5a.manifest
[2013.05.14 23:17:09 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16579_none_b40036c0f65e734f.manifest
[2013.06.01 13:31:54 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2012.09.20 11:24:25 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20521_none_b4b7def20f5abf85.manifest
[2012.10.11 09:26:48 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20534_none_b4b00fe40f60277b.manifest
[2013.05.14 23:17:09 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20683_none_b47901e40f899700.manifest
[2013.06.01 14:10:50 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20733_none_b4af13660f610872.manifest
[2012.07.26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_429f27d26109941b\dmloader.dll
[2012.07.26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-1.dll
[2012.07.26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-stringloader-l1-1-0.dll

< End of report >
Nahoru
mistery
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 31 říj 2010 18:42

Re: Kontrola logu po odinstalovani bordelu

#6 Příspěvek od mistery »

Log z Extras.Txt:

OTL Extras logfile created on: 30.8.2013 12:55:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Miroslav\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

7,86 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 73,72% Memory free
15,86 Gb Paging File | 13,69 Gb Available in Paging File | 86,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 884,18 Gb Total Space | 739,07 Gb Free Space | 83,59% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 21,95 Gb Free Space | 87,81% Space Free | Partition Type: NTFS

Computer Name: MISTERY-NB | User Name: Miroslav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18FC9EAD-2666-46E3-B7C0-4F5B50610461}" = lport=10243 | protocol=6 | dir=in | app=system |
"{29FC0A14-8DD4-42EB-AEE8-A12FA88697C7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33E9C088-E949-47A6-860F-F97E8E57731A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3CAD72A2-6C55-4ED1-876D-35C20DF9B697}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E2DB34D-87F2-491F-A6F2-65346D63FBA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5109FAEB-766B-435F-8FBF-2DBFB6DD211C}" = lport=138 | protocol=17 | dir=in | app=system |
"{5673A1EA-E87E-451E-9261-02FE26007ABB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{56A7C4BE-0CC1-4797-B440-03221D206E41}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{58A36679-1327-47EA-991F-13F64D0CB2FA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5A482198-379B-46D3-84A3-B6071AE12F5E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5FC58211-095E-41DB-B2A1-211B4AAB8693}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{70F0FE14-2203-4A6B-A16B-FB8878E052CF}" = lport=139 | protocol=6 | dir=in | app=system |
"{7ACD0B88-67F8-4984-9ED6-30B2C2F344CB}" = lport=445 | protocol=6 | dir=in | app=system |
"{804946C9-4483-452B-BD9B-324BDCAFB115}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83B579B9-7140-45C1-9093-9653DBCA00A1}" = rport=138 | protocol=17 | dir=out | app=system |
"{91F52AFD-FCBD-4C1D-92DC-51077A61105E}" = rport=445 | protocol=6 | dir=out | app=system |
"{93CEBB0D-92DF-423D-AEC0-3B09D445A883}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A802011B-AE0D-4389-B311-D79EA448CAC0}" = rport=139 | protocol=6 | dir=out | app=system |
"{C1948B75-3CB0-4D22-8815-A7B8A06E5496}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C66356CC-8EEB-447A-9297-267FADBAF06C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDC6BC52-BAC8-4A87-B29C-83CDCD83BF5D}" = rport=137 | protocol=17 | dir=out | app=system |
"{F40B7FBE-C1DC-414A-B20C-C461DC1FE6D2}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C9045-D856-4346-A08F-B4AD35FBBC9E}" = dir=out | name=lenovo companion |
"{0048F43B-FCCA-4EC1-B96E-FAADD2CD8355}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{01D1D6A0-252A-423C-AA65-0B7FD62928FE}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd10.exe |
"{041CC21B-5D5A-4B0C-B5BC-218818E5A0D5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{04757B35-FAB8-4087-B64E-EF9A1BABD9E4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{08184800-3427-4127-A6B4-AD5C4022EDDE}" = dir=in | name=mcafee security advisor for lenovo |
"{0E86EFA1-CB33-43C3-8079-67BAB387F1E7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{110474BB-6E45-432C-AB00-ADF4F1E84CAB}" = dir=out | name=microsoft solitaire collection |
"{112A6374-0C18-4565-BEAA-208EA49DB64C}" = dir=out | name=@{44352gadgetwe.unitconversion_1.0.1.4_neutral__wrnqd43hr7tc6?ms-resource://44352gadgetwe.unitconversion/resources/appstorename} |
"{11DF533E-72E6-4D70-AAF9-002906A09971}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{12345CD3-024C-4845-9E28-B353DEAFDA04}" = dir=out | name=skype |
"{17005B5E-201D-4218-8E45-5B490443D343}" = dir=out | name=evernote touch |
"{1EA986DB-08E6-4BF7-9A12-3B0EE9E724D6}" = dir=in | name=evernote touch |
"{205FC7CC-BE47-4CE0-A1EE-B93603AC06D0}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{207F1CDB-D1C3-42BD-B748-B7351A0B0FA5}" = dir=out | name=powerdvd for lenovo idea |
"{20B626F5-B726-4CC2-BEA2-715A21274D26}" = dir=out | name=google search |
"{26E13549-2968-4169-A8E2-D08FE48DE159}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{27B89D36-BB2B-4AAC-89D5-E3AE21C85E45}" = dir=out | name=accuweather for windows 8 |
"{2D94E87D-1EF9-4EE3-B640-DEDF9714EC2D}" = dir=out | name=sector.sk |
"{358029B1-E581-4A23-96DA-A3904AED18BC}" = dir=out | name=angličtina premium sk |
"{39259DB7-E960-446A-AACC-603F04611FD2}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{39F62F93-D95F-45C7-9FD1-AAC023085254}" = dir=out | name=windows_ie_ac_001 |
"{3A9D4BFF-947E-45A5-AC1F-8072E6F2D874}" = dir=out | name=pluska.sk počasie |
"{3B7D70BB-8F61-4156-8202-BC69C25054DA}" = dir=in | name=skype |
"{3C3B6171-41F3-49F6-84E5-7040513AB0E2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4614D087-7BE5-42EF-BA09-CED25E11940F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46A1CAA9-65B3-47D7-975A-D916788385EE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{46B37361-18A0-4235-9483-EAC240FB7A0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{470231FF-E7A0-4327-9A2F-997DC17AB3F2}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{4A478FD2-7CCA-4D7C-9ABB-EBF23772990A}" = dir=out | name=@{59065ifinapps.financialderivatives_1.0.3.3_neutral__vzncd9r6140ej?ms-resource://59065ifinapps.financialderivatives/resources/displayappname} |
"{4B93BDFC-9CE2-4537-8F76-F787D677BBE0}" = dir=in | name=evernote touch |
"{4CEB795E-4F20-4F4D-83D4-B65D057330B3}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4D350792-C718-41B8-A4C0-5163B2CDFC64}" = dir=out | name=pravda |
"{4D3FB481-9AC7-442A-8BE8-1A483F395870}" = dir=in | name=skype |
"{4E1FDB97-5C83-4E14-BF0B-5558200915FC}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{503C1066-7B23-454E-B48A-EE9A7BE02DE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{50A7FF24-A39A-4A3F-B06E-C1F9BAEE0F0C}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{5136F1AB-FA5B-4077-A725-2D2F7877FAE9}" = dir=out | name=facebook one |
"{516D87BB-BF50-4B18-A88C-26FDE67A1D36}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{532A6B46-6039-4C3E-80A8-1FE0024CED53}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5338E605-B4ED-490E-873A-47DA360CAE4C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{5345B9AC-BEEA-4905-957D-67AAD489CDF3}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{587346D4-C2E0-45FD-BAA9-87C52ACE55E7}" = dir=in | app=c:\users\miroslav\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{58C2A1DD-D543-4577-A6FE-5A84BC7698BF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{58E1CC02-D1DB-491F-8397-98F7C84E7FD1}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{59D32986-7898-480F-A88B-D8AED03D55DA}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{5D095A88-ABC5-4CBF-BC19-427660BD094E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{5D249C46-C45F-48DD-B5C0-7B89DE94AE83}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{5D9811BB-B2F3-47E3-914E-9DC707084C6A}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{66C62764-C07B-4C35-9CBA-9FC961101B73}" = dir=out | name=cute cat of the day |
"{671F0437-334B-468B-A330-A1575BA483CA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6C3DF770-24AF-4892-B487-3D1FA34EAE52}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6D7BA511-68AB-4EE3-B188-AC6264ABC8FC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F1A1862-4F2C-43E2-BC0E-7EA87A4D4CBF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6F677EC4-6EC4-47B0-86B9-7D76933AF386}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75F9A86B-CEB2-4FED-BD1C-D5ABAEA94449}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{77A7EF59-2534-490B-9666-9D237AFC4176}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{7F7F476B-F94D-4FF4-BCE2-6AF29405D894}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{828DE45B-0437-49F1-A0C3-F861F81AE2E3}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{83CB7964-4FCB-4B86-B4B1-52E9AEFB2BB2}" = dir=out | name=powerdvd for lenovo idea |
"{84E932CA-F734-4B4B-8B20-CAAD32CA7111}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{865F6BBB-E049-448A-8A8F-24A4D21B9594}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{8B980017-84A1-46D2-99BF-1F8DB3C65842}" = dir=out | name=accuweather for windows 8 |
"{8D1239CC-CDD6-41B6-A2D6-E2903B223C6F}" = dir=out | name=lenovo companion |
"{99FFA597-99D9-46DE-80F6-DD4EAB731AB5}" = dir=out | name=microsoft solitaire collection |
"{9C0332A8-AFD3-4DC8-8779-4A9DD91E6B67}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{9D3D5C3F-90AD-4E41-9BE1-E77EE05D7D0C}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{9EF77900-0D01-4141-80AF-7B825C770FF2}" = dir=out | name=skype |
"{A0B7E861-3901-4F25-83AE-46B8816F0511}" = dir=out | name=super puzzle |
"{A3E677F3-7AF7-4365-AC6B-0F0F83DDB86F}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{A48BCAB9-109A-4E34-9644-38A8BBFA5126}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{A78DB683-8941-4C1F-8FDD-CDF3AB0AD382}" = dir=out | name=klasická angličtina sk |
"{AB4AE255-B628-4487-9BC6-EEF2C64F3720}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{ADFD48C5-9422-4996-9108-72E300D80030}" = dir=out | name=app radio |
"{AEFBADA3-7A2C-46BD-A0F9-2347E57941BE}" = dir=in | name=accuweather for windows 8 |
"{B1392210-56FF-4813-A150-A119A770F4CF}" = dir=out | name=photo editor |
"{B61CB680-763F-4113-B110-48623A4CA3A4}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B7749732-CAEB-49F3-B6C9-5E0712C3433C}" = protocol=6 | dir=out | app=system |
"{B79CD9A1-FE49-4E73-8B12-970742B6251A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B9E7C4B5-4311-4428-AB64-21D10145B34C}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{BA0E1E35-F8D7-4F89-B033-845682CEC6B4}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{BBD4D5C4-9768-40E4-9CDB-D213E12A5019}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BD26CFF4-DA0B-4437-A6AE-2B3D3FBE77A5}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{BD469D4B-B9AC-4C72-95D8-CBCDEA33ADC3}" = dir=out | name=@{microsoft.zunemusic_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C0687094-6D2A-4A0B-B6EC-C1B8942C5DA2}" = dir=out | name=mcafee security advisor for lenovo |
"{C11E74C2-8DD1-45A2-BB7D-41E4131F5AFF}" = dir=in | name=accuweather for windows 8 |
"{C59F7297-6913-4E54-89FE-D23EFB622329}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C8181EF1-C058-490D-9778-F7B09571034F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C84B5192-5326-4233-8167-60305787B148}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CE3F6E06-87B3-4C4E-A9DE-A6DDADAA1F32}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF7F0927-0B3B-429F-B68A-41F31BA368E6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{D0ECC364-6D21-49F6-B599-D3558E1B7C5A}" = dir=out | name=@{microsoft.zunevideo_1.5.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{D11F7207-C0BE-4295-A0D1-CAE3C92F416F}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D23317B1-3220-444F-B842-FAD2F593F6C2}" = dir=out | name=lenovo support |
"{D966A7F4-D2BD-4A7D-A6BD-3C2BB61819DA}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{DAA3042D-25C8-4A50-8BE6-1AB168901C16}" = dir=out | name=lenovo support |
"{DAF40C26-3363-4BA2-B55B-09EAAA11439E}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{DDF2C6E9-A985-46A5-913B-1F246D52A283}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E165774C-B01D-4486-82CC-D497DA275A87}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{E30F96F3-C2C9-4B85-8617-C80AB40754A7}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{E3807658-3843-4E30-97C4-B944145C0B28}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{E42481BF-084B-4C8D-8AF9-4D3879F348FF}" = dir=out | name=@{microsoft.bingsports_2.0.0.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{E6E33DD0-FC02-4132-9D1F-30F0A48A5D11}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7E0D93E-4F33-460B-A02D-1B4A9AC0BB6D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F220F222-96D9-492A-B298-E708B7CEC9C6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F5AA38F9-4CDD-4587-9FB6-D3A4538DCB17}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F6A32530-37B3-4095-8180-B5E8B3E1C678}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F8DDA6E2-0BE3-4FC0-8CF7-D6EAE1EA6AF2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F9CB8AE1-4354-47F2-8A3C-9A87A572A6D7}" = dir=out | name=slovenské aplikácie |
"{FAA9F2A5-5EED-4D77-B432-B3CC5FE5CF74}" = dir=in | name=powerdvd for lenovo idea |
"{FB9B3C85-3DF5-40AB-9F9F-44912BEDE52C}" = dir=out | name=mytrip |
"{FC79927C-BFBF-4E10-A2D6-4A41ED662206}" = dir=out | name=evernote touch |
"{FE975C22-7190-40CB-A949-52F6F3BCF737}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{FED9A41C-CC97-422D-81B7-B115AE33FE24}" = dir=out | name=network speed test |
"{FFBBF957-2848-4D89-B0FC-350AF8D6B45C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FFFDF329-78EE-4AE3-8934-E5E6A6CEE589}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"TCP Query User{7C47F75F-6AC4-4297-AFF7-115A529F3A43}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |
"TCP Query User{9F38DC08-BA00-4F0A-B2A2-CC99F66A6190}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe |
"TCP Query User{E6775D1C-133A-4B1E-8C08-BC65D0CA8CAA}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{EEFEA884-CC04-42FD-956F-9AFAE7F66683}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"UDP Query User{B2E8DD7A-3FB7-4A0D-BADC-6ABF10955370}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"UDP Query User{F0FD2993-F8E1-4299-9ABB-B5603D55D0B2}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe |
"UDP Query User{F5053638-6484-461C-BF7C-204C24A8E6AC}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"UDP Query User{F7EDB362-AE65-4A6B-9F9D-456FD3A91DE9}C:\program files (x86)\ea games\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\dead space 2\deadspace2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0728A184-F899-4356-B93D-8228674F0DEB}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23D486D4-FBE0-40F3-A245-E4D56D094764}" = Intel(R) WiDi
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{71F56660-C981-44BF-981E-E51106452220}" = ESET NOD32 Antivirus
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2010
"{962E1735-D2E0-4813-AB9F-C6CBA09E759A}" = Intel® PROSet/Wireless WiFi Software
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 311.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F13921D6-AE6D-41BF-807A-17BD99C0A4FD}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 11.4.8.1_WHQL
"ProInst" = Intel PROSet Wireless
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}" = Amazon Browser App
"{15CC861C-C69E-3758-8961-CE304C2595B6}" = Google Talk Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 25
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5B7EF375-70C7-4349-9DD2-99FF487F5078}" = Z400 48Wh battery
"{5DB849D6-9392-4FB7-9ABB-87ED433152E5}" = LG United Mobile Drivers
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUS_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-041B-1000-0000000FF1CE}_Office14.PROPLUS_{6AD0855C-A3FC-4B71-907A-D4372C6F75DB}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUS_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUS_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}" = Onekey Theater
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3DA7AB8-4A9A-4F86-BA33-9C61B6CE082A}" = King's Bounty Crossworlds
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{DD7D6D84-93AB-48CA-A759-94324E341CBA}" = Intelligent Touchpad
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.80
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PunkBusterSvc" = PunkBuster Services
"Saints Row The Third_is1" = Saints Row The Third
"Uplay" = Uplay

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.8.2013 6:57:53 | Computer Name = Mistery-NB | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error - 26.8.2013 7:01:07 | Computer Name = Mistery-NB | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Acrobat
9.0\Designer 8.2\FormDesigner.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error - 26.8.2013 13:53:16 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 26.8.2013 13:53:17 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27.8.2013 7:43:20 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27.8.2013 7:43:20 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27.8.2013 10:19:34 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27.8.2013 10:19:34 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27.8.2013 12:01:32 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 27.8.2013 12:01:32 | Computer Name = Mistery-NB | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ System Events ]
Error - 19.8.2013 2:06:49 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 19.8.2013 6:29:49 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 19.8.2013 6:32:17 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 19.8.2013 8:23:05 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 19.8.2013 8:23:05 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 19.8.2013 15:10:56 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 21.8.2013 15:37:35 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 21.8.2013 15:38:09 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 21.8.2013 17:23:15 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 21.8.2013 17:23:15 | Computer Name = Mistery-NB | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058


< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu po odinstalovani bordelu

#7 Příspěvek od vyosek »

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {28687A87-7A66-412A-A7AF-32F572833906}
IE:64bit: - HKLM\..\SearchScopes\{28687A87-7A66-412A-A7AF-32F572833906}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {28687A87-7A66-412A-A7AF-32F572833906}
IE - HKLM\..\SearchScopes\{28687A87-7A66-412A-A7AF-32F572833906}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/
IE - HKU\S-1-5-21-3100529577-210449043-3099969227-1002\..\SearchScopes,DefaultScope = {28687A87-7A66-412A-A7AF-32F572833906}
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{14597096-c6fd-11e2-bea7-6036dd43ce79}\Shell - "" = AutoRun
[2013.04.08 18:37:48 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013.04.08 18:37:48 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013.05.19 18:24:32 | 000,000,000 | ---D | M] -- C:\Users\Katarína\AppData\Roaming\IObit
[2013.03.28 22:49:59 | 000,000,000 | ---D | M] -- C:\Users\Miroslav\AppData\Roaming\IObit
[3 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\windows\Inf\Intel Storage Counters\*.tmp files -> C:\windows\Inf\Intel Storage Counters\*.tmp -> ]
[1 C:\windows\Inf\Intel Storage Counters\0000\*.tmp files -> C:\windows\Inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\windows\Inf\Intel Storage Counters\0009\*.tmp files -> C:\windows\Inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\windows\Inf\Intel Storage Counters\001B\*.tmp files -> C:\windows\Inf\Intel Storage Counters\001B\*.tmp -> ]
[2 C:\windows\Panther\*.tmp files -> C:\windows\Panther\*.tmp -> ]
[4 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]
[1 C:\windows\WinSxS\*.tmp files -> C:\windows\WinSxS\*.tmp -> ]
[2013.08.29 11:40:00 | 000,000,940 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core.job
[2013.07.28 11:35:02 | 000,000,962 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
[2013.07.12 00:07:13 | 000,000,962 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore1ce7e82ff658359.job
[2013.08.30 13:07:00 | 000,000,966 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA1ce50e6947643e6.job
[2013.07.12 17:37:43 | 000,000,928 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core1ce7f15bfd2cbcc.job
[2013.07.07 09:53:53 | 000,000,980 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job
[2013.08.19 08:13:00 | 000,000,928 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005Core.job
[2013.07.16 08:08:31 | 000,000,980 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005UA1ce81eae54976b4.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=-
"OfficeSyncProcess"=-
"Google Update"=-
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=-
"RemoteControl10"=-
"BCSSync"=-
"Adobe Acrobat Speed Launcher"=-
"Acrobat Assistant 8.0"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mistery
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 31 říj 2010 18:42

Re: Kontrola logu po odinstalovani bordelu

#8 Příspěvek od mistery »

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{28687A87-7A66-412A-A7AF-32F572833906}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28687A87-7A66-412A-A7AF-32F572833906}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{28687A87-7A66-412A-A7AF-32F572833906}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28687A87-7A66-412A-A7AF-32F572833906}\ not found.
HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-3100529577-210449043-3099969227-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-3100529577-210449043-3099969227-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
File c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14597096-c6fd-11e2-bea7-6036dd43ce79}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14597096-c6fd-11e2-bea7-6036dd43ce79}\ not found.
C:\Users\Default\AppData\Roaming\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Users\Default\AppData\Roaming\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Users\Default\AppData\Roaming\IObit folder moved successfully.
Folder C:\Users\Default User\AppData\Roaming\IObit\ not found.
C:\Users\Katarína\AppData\Roaming\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Users\Katarína\AppData\Roaming\IObit\Advanced SystemCare V6\boottime folder moved successfully.
C:\Users\Katarína\AppData\Roaming\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Users\Katarína\AppData\Roaming\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Users\Katarína\AppData\Roaming\IObit folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Startup Manager folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\SmartRAM folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Registrycleaner\backup folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Registrycleaner folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Log folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Internet Booster folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\EmptyFolder folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Driver Manager\DriverBackup folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Driver Manager folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\DiskCheck folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Disk Cleaner folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\ClonedFilesScanner folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Boottime folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6\Backup folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit\Advanced SystemCare V6 folder moved successfully.
C:\Users\Miroslav\AppData\Roaming\IObit folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB3BB.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBD4E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD9D1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7B1.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAC03.tmp folder deleted successfully.
C:\windows\Inf\Intel Storage Counters\tmpA0BF.tmp deleted successfully.
C:\windows\Inf\Intel Storage Counters\tmpA0D0.tmp deleted successfully.
C:\windows\Inf\Intel Storage Counters\0000\tmpA0BF.tmp deleted successfully.
C:\windows\Inf\Intel Storage Counters\0009\tmpA0BF.tmp deleted successfully.
C:\windows\Inf\Intel Storage Counters\001B\tmpA0BF.tmp deleted successfully.
C:\windows\Panther\_s_4557.tmp deleted successfully.
C:\windows\Panther\_s_473D.tmp deleted successfully.
C:\windows\Temp\inx26A9.tmp deleted successfully.
C:\windows\Temp\inxA1FA.tmp deleted successfully.
C:\windows\Temp\inxF303.tmp deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\temp folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\oldfiles folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_update.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_update.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um25.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um25.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um23.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um23.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um21.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um21.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um16.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um16.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um10.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um10.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um04.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um04.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um02.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_um02.eset.com folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_93.184.71.27\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_93.184.71.27 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_91.228.167.26\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_91.228.167.26 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_91.228.166.15\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_91.228.166.15 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_91.228.166.13\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_91.228.166.13 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_89.202.149.49\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_89.202.149.49 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_89.202.149.45\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_89.202.149.45 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_84.233.195.62\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_84.233.195.62 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_62.67.184.81\update.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\http_62.67.184.81 folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod0331.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod0ABF.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod0B3E.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod12D8.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod12F6.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod136C.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod154F.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod1A71.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod27A7.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod2885.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod2B3D.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod2F55.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod3078.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod5724.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod64D0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod66D8.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod7294.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous\nod756A.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\continuous folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em001_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em001_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em001_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em003_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em003_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em004_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em004_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em004_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em005_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em005_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em006_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em006_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em006_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em006_64_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em006_64_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em006_64_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em009_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em009_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em009_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em009_64_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em009_64_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em015_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em015_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em015_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em015_64_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em015_64_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em015_64_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em017_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em017_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em017_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em017_64_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em017_64_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em017_64_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em018_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em018_64_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em019_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em019_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em019_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em022_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em022_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em024_32_l0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em024_32_l1.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\em024_32_l2.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\lastupd.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod1203.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod1A6F.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod1B2E.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod2331.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod27FD.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod3488.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod43FB.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod4710.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod4E82.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod5719.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod5AF7.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\nod7FB0.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\upd.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\upd0029.nup deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles\updpcu.ver deleted successfully.
C:\windows\Temp\ni1D43.tmp\updfiles folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\SysInspector folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201301a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201301b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201302a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201302b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201303a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201303b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201304a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201304b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201305a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201305b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201306a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201306b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201307a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201307b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201308a.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats\disk201308b.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\stats folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\productxml folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em000_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em000_64.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em001_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em002_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em003_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em004_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em005_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em006_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em006_64.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em009_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em009_64.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em015_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em015_64.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em017_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em017_64.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em018_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em018_64.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em019_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em022_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em023_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em024_32.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules\em028_64.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\modules folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\MailServer folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs\eScan\ndl21168.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs\eScan\ndl5533.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs\eScan folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs\hipslog.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs\urllog.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs\virlog.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs\warnlog.dat deleted successfully.
C:\windows\Temp\ni1D43.tmp\logs folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\logo folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\distributor folder deleted successfully.
C:\windows\Temp\ni1D43.tmp\local.db deleted successfully.
C:\windows\Temp\ni1D43.tmp folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\temp\em002_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\temp\em023_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\temp folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\oldfiles\em002_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\oldfiles\em023_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\oldfiles folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_update.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_update.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um25.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um25.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um23.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um23.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um21.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um21.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um16.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um16.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um10.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um10.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um04.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um04.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um02.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_um02.eset.com folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_93.184.71.27\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_93.184.71.27 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_91.228.167.26\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_91.228.167.26 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_91.228.166.15\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_91.228.166.15 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_91.228.166.13\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_91.228.166.13 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_89.202.149.49\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_89.202.149.49 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_89.202.149.45\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_89.202.149.45 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_84.233.195.62\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_84.233.195.62 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_62.67.184.81\update.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\http_62.67.184.81 folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod0331.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod0783.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod0ABF.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod0B3E.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod12D8.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod12F6.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod136C.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod154F.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod1A71.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod27A7.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod2B3D.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod2DD9.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod3078.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod3DA6.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod5724.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod64D0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod7140.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous\nod756A.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\continuous folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em001_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em001_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em001_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em003_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em003_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em004_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em004_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em004_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em005_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em005_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em006_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em006_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em006_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em006_64_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em006_64_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em006_64_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em009_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em009_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em009_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em009_64_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em009_64_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em015_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em015_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em015_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em015_64_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em015_64_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em015_64_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em017_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em017_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em017_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em017_64_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em017_64_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em017_64_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em018_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em018_64_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em019_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em019_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em019_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em022_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em022_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em024_32_l0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em024_32_l1.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\em024_32_l2.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\lastupd.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod1203.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod1A6F.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod1B2E.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod2331.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod27FD.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod3488.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod43FB.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod4710.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod4E82.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod5719.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod5AF7.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\nod7FB0.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\upd.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\upd0029.nup deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles\updpcu.ver deleted successfully.
C:\windows\Temp\ni52E8.tmp\updfiles folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\SysInspector folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201301a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201301b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201302a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201302b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201303a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201303b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201304a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201304b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201305a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201305b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201306a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201306b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201307a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201307b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201308a.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats\disk201308b.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\stats folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\productxml folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em000_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em000_64.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em001_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em002_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em003_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em004_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em005_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em006_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em006_64.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em009_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em009_64.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em015_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em015_64.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em017_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em017_64.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em018_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em018_64.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em019_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em022_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em023_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em024_32.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules\em028_64.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\modules folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\MailServer folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\eScan\ndl17089.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\eScan\ndl21168.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\eScan\ndl5533.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\eScan folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\hipslog.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\urllog.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\virlog.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs\warnlog.dat deleted successfully.
C:\windows\Temp\ni52E8.tmp\logs folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\logo folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\distributor folder deleted successfully.
C:\windows\Temp\ni52E8.tmp\local.db deleted successfully.
C:\windows\Temp\ni52E8.tmp folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\temp folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\oldfiles folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_update.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_update.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um25.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um25.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um23.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um23.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um21.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um21.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um16.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um16.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um10.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um10.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um04.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um04.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um02.eset.com\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_um02.eset.com folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_93.184.71.27\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_93.184.71.27 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_91.228.167.26\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_91.228.167.26 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_91.228.166.15\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_91.228.166.15 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_91.228.166.13\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_91.228.166.13 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_89.202.149.49\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_89.202.149.49 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_89.202.149.45\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_89.202.149.45 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_84.233.195.62\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_84.233.195.62 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_62.67.184.81\update.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\http_62.67.184.81 folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod0331.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod0ABF.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod0B3E.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod12D8.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod12F6.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod136C.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod154F.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod1A71.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod27A7.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod2885.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod2B3D.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod3078.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod4137.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod5724.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod6310.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod64D0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod66D8.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous\nod756A.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\continuous folder deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em001_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em001_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em001_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em003_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em003_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em004_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em004_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em004_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em005_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em005_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em006_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em006_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em006_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em006_64_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em006_64_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em006_64_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em009_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em009_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em009_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em009_64_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em009_64_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em015_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em015_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em015_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em015_64_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em015_64_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em015_64_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em017_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em017_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em017_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em017_64_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em017_64_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em017_64_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em018_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em018_64_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em019_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em019_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em019_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em022_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em022_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em024_32_l0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em024_32_l1.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\em024_32_l2.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\lastupd.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod1203.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod1A6F.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod1B2E.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod2331.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod27FD.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod3488.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod43FB.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod4710.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod4E82.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod5719.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod5AF7.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\nod7FB0.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\upd.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\upd0029.nup deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles\updpcu.ver deleted successfully.
C:\windows\Temp\ni687A.tmp\updfiles folder deleted successfully.
C:\windows\Temp\ni687A.tmp\SysInspector folder deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201301a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201301b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201302a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201302b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201303a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201303b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201304a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201304b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201305a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201305b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201306a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201306b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201307a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201307b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201308a.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats\disk201308b.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\stats folder deleted successfully.
C:\windows\Temp\ni687A.tmp\productxml folder deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em000_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em000_64.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em001_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em002_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em003_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em004_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em005_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em006_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em006_64.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em009_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em009_64.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em015_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em015_64.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em017_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em017_64.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em018_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em018_64.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em019_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em022_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em023_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em024_32.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules\em028_64.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\modules folder deleted successfully.
C:\windows\Temp\ni687A.tmp\MailServer folder deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\eScan\ndl17089.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\eScan\ndl21168.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\eScan\ndl5533.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\eScan folder deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\hipslog.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\urllog.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\virlog.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\logs\warnlog.dat deleted successfully.
C:\windows\Temp\ni687A.tmp\logs folder deleted successfully.
C:\windows\Temp\ni687A.tmp\logo folder deleted successfully.
C:\windows\Temp\ni687A.tmp\distributor folder deleted successfully.
C:\windows\Temp\ni687A.tmp\local.db deleted successfully.
C:\windows\Temp\ni687A.tmp folder deleted successfully.
C:\windows\WinSxS\Reserve.tmp deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7e82ff658359.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce50e6947643e6.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002Core1ce7f15bfd2cbcc.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1002UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3100529577-210449043-3099969227-1005UA1ce81eae54976b4.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\BCSSync deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Katarína
->Temp folder emptied: 732913 bytes
->Temporary Internet Files folder emptied: 135 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 2227951 bytes
->Flash cache emptied: 506 bytes

User: Miroslav
->Temp folder emptied: 9728276 bytes
->Temporary Internet Files folder emptied: 13145437 bytes
->Java cache emptied: 53528 bytes
->Google Chrome cache emptied: 56533964 bytes
->Flash cache emptied: 506 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3199860 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 99032 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 82,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Katarína
->Flash cache emptied: 0 bytes

User: Miroslav
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Katarína
->Java cache emptied: 0 bytes

User: Miroslav
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08302013_215533

Files\Folders moved on Reboot...
C:\Users\Miroslav\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu po odinstalovani bordelu

#9 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: Odinstalujte Combofix
  • Prejmenujte ComboFix na Uninstall
  • Spustte jej
  • Tohle smaze Combofix a jeho slozky
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
mistery
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 31 říj 2010 18:42

Re: Kontrola logu po odinstalovani bordelu

#10 Příspěvek od mistery »

Velmi pekne dakujem za pomoc :) hned som kludnejsi ked sa mi na to pozrel odbornik (PC startuje rychlejsie...)
Velka vdaka
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu po odinstalovani bordelu

#11 Příspěvek od vyosek »

Nemate zac, rad jsem pomohl :worship: Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat :lock:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“