Possible presence of a virus

Márty84

Re: Possible presence of a virus

#16 Post by Márty84 »

Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and choose Run as administrator.
Check the boxes Scan All Users, LOP Check and Purity Check.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Run Scan.
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

July

Re: Possible presence of a virus

#17 Post by July »

Here is the OTL log, first part:

OTL logfile created on: 12.4.2014 18:35:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\July\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 62,50% Memory free
4,81 Gb Paging File | 2,95 Gb Available in Paging File | 61,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574,02 Gb Total Space | 84,84 Gb Free Space | 14,78% Space Free | Partition Type: NTFS
Drive D: | 16,85 Gb Total Space | 2,50 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
Drive E: | 4,98 Gb Total Space | 4,97 Gb Free Space | 99,67% Space Free | Partition Type: FAT32

Computer Name: MAŤKO | User Name: July | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.04.12 18:32:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\July\Desktop\OTL.exe
PRC - [2014.04.02 08:38:07 | 000,228,744 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
PRC - [2014.03.12 10:29:49 | 000,276,376 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
PRC - [2014.01.03 23:14:24 | 002,594,584 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2014.01.03 23:14:24 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.01.02 15:18:44 | 000,285,832 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.01.02 15:18:42 | 000,015,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.09.14 11:35:56 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012.09.06 10:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.11.23 00:15:56 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2007.09.24 19:11:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe


========== Modules (No Company Name) ==========

MOD - [2014.03.21 16:44:44 | 001,070,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\fd55ac3f3e215b2ad0cfe87d56ae21b8\System.ServiceModel.Web.ni.dll
MOD - [2014.02.14 17:27:40 | 002,964,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2155ee74acbc0781a44c2077ab3b95af\System.IdentityModel.ni.dll
MOD - [2014.02.14 17:27:37 | 000,026,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\6bb546d44a6283cfd14e54ff259b1558\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2014.02.14 17:27:35 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\aed7f4c7a0d8d39d44716bb5946390c9\IAStorCommon.ni.dll
MOD - [2014.02.14 17:27:06 | 000,360,448 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\543e4322092c29657207de32d36c39d8\IAStorUtil.ni.dll
MOD - [2014.02.14 17:27:03 | 000,785,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\805be8b7f84002fd634adf0a6cc01047\System.ServiceModel.Internals.ni.dll
MOD - [2014.02.14 17:27:03 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\c2f2c5073965c1d04b9023f65d3fe349\SMDiagnostics.ni.dll
MOD - [2014.02.14 10:55:36 | 007,803,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll
MOD - [2014.02.14 10:55:29 | 001,874,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\d16bc7f3c78f5da5e6cda39fe71f943c\System.Xaml.ni.dll
MOD - [2014.02.14 10:55:26 | 012,856,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ec3e85d83522363e943a978c0572e360\System.Windows.Forms.ni.dll
MOD - [2014.02.14 10:55:07 | 019,566,080 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\31db5628e84268154f3bbeba0f7780df\System.ServiceModel.ni.dll
MOD - [2014.02.14 10:54:01 | 002,804,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b110ef93e43ad2abdfa7b12c99443144\System.Runtime.Serialization.ni.dll
MOD - [2014.02.14 10:53:53 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\15ead42b8d352194f0f3fbba4f7ae02b\System.Drawing.ni.dll
MOD - [2014.02.14 10:53:40 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll
MOD - [2014.02.14 10:52:50 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ab8978239d891c4afffd6a6df3996a6e\System.Core.ni.dll
MOD - [2014.02.14 10:52:42 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll
MOD - [2013.12.03 02:37:02 | 017,376,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.02.06 12:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.01.03 23:08:30 | 000,327,680 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2014.01.03 23:08:29 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2013.12.13 11:23:32 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.11.27 17:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.11.27 11:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.11.23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.11.08 05:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013.10.31 02:29:53 | 000,348,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013.10.31 02:29:53 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.10.22 03:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013.10.22 01:55:13 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013.10.22 01:55:10 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2013.10.04 10:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013.09.30 06:03:25 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013.09.30 06:03:24 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.09.30 06:03:23 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013.09.30 05:51:09 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013.09.30 05:51:09 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013.09.13 14:23:42 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013.08.22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013.08.22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013.08.22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013.08.22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013.08.22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.08.22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013.08.22 12:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013.08.22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013.08.22 11:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013.08.22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013.08.22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013.08.22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.08.22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.08.22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013.08.22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013.08.22 11:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013.08.22 11:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.08.22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.08.22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013.07.08 13:29:02 | 000,183,896 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2013.01.10 20:57:45 | 008,480,256 | ---- | M] (SMSC) [Auto | Running] -- C:\Program Files\SGFX\sgfxmgr.exe -- (SGFXMgr)
SRV - [2014.03.30 15:31:42 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.12 10:29:49 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe -- (NIS)
SRV - [2014.03.11 20:23:15 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.01.30 00:02:44 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014.01.03 23:14:24 | 002,594,584 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2014.01.03 23:14:24 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.22 01:55:16 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013.10.22 01:55:16 | 000,475,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2013.10.22 01:55:12 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013.10.22 01:55:11 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013.09.30 06:03:22 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013.08.22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013.01.02 15:18:42 | 000,015,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.09.27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.09.14 12:42:06 | 000,216,192 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012.09.14 11:35:56 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012.09.06 10:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.11.23 00:15:56 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2007.09.24 19:11:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.04.12 16:31:44 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014.03.10 12:35:53 | 000,377,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014.03.04 06:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014.02.18 03:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\symnets.sys -- (SymNetS)
DRV:64bit: - [2014.02.13 03:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014.01.30 00:02:28 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014.01.08 03:46:27 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014.01.03 23:14:23 | 000,056,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2014.01.03 23:08:30 | 000,543,744 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013.12.13 11:23:36 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.12.13 11:23:36 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.12.13 11:23:16 | 000,036,096 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013.12.02 11:17:37 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.11.15 06:12:10 | 000,594,632 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013.11.11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013.11.01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.10.31 02:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.10.31 02:29:36 | 000,236,888 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.10.31 02:29:36 | 000,124,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013.10.31 02:28:47 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.10.30 04:52:48 | 000,549,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013.10.26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.10.22 01:55:16 | 000,173,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2013.10.13 04:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013.10.05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.09.30 06:03:22 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.09.30 06:03:22 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.09.30 06:03:22 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.09.30 05:51:11 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013.09.30 05:51:09 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.09.30 05:51:00 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.09.30 05:50:59 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013.09.30 05:50:59 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013.09.30 05:50:59 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013.09.30 05:50:59 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013.09.26 04:50:25 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013.08.22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 14:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.08.22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 14:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.08.22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 14:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013.08.22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 14:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013.08.22 14:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013.08.22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013.08.22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013.08.22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 13:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013.08.22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.08.22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013.08.22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013.08.22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013.08.22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013.08.22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013.08.22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.08.01 05:20:01 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\symelam.sys -- (SymELAM)
DRV:64bit: - [2013.08.01 05:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\symds64.sys -- (SymDS)
DRV:64bit: - [2013.07.31 06:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.07.31 05:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.07.30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.07.08 13:29:00 | 000,199,384 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2013.06.18 16:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013.06.18 16:45:05 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwnx.sys -- (athr)
DRV:64bit: - [2013.01.14 18:25:47 | 000,157,432 | ---- | M] (SMSC) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\sgfxk64.sys -- (sgfxk)
DRV:64bit: - [2013.01.14 18:25:41 | 000,018,168 | ---- | M] (SMSC) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sgfxl64.sys -- (sgfxl)
DRV:64bit: - [2013.01.02 15:14:08 | 000,641,672 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.11.28 10:42:06 | 001,866,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2012.09.14 12:21:52 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012.09.14 12:21:50 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012.09.14 12:21:48 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012.09.14 12:21:46 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012.09.14 12:21:46 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012.09.14 12:21:44 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012.08.23 12:07:44 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012.07.31 10:05:14 | 000,175,928 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2012.07.26 07:32:22 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2014.03.06 09:55:06 | 000,524,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140317.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014.02.01 11:58:54 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140317.035\ex64.sys -- (NAVEX15)
DRV - [2014.02.01 11:58:54 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140317.035\eng64.sys -- (NAVENG)
DRV - [2013.12.18 02:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140214.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.12.02 11:54:32 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.12.02 11:54:32 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 BD A4 AF 11 F9 CE 01 [binary data]
IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.sk/"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: web2pdfextension%40web2pdf.adobedotcom:2.0
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.1
FF - prefs.js..extensions.enabledAddons: %7B0FED7D55-65D4-47b6-A6DE-9A4ADB55355F%7D:1.0.8
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\July\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\July\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\July\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\July\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014.02.02 17:28:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn\ [2014.03.14 15:13:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\IPSFF [2013.12.02 11:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.30 15:31:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.30 15:31:22 | 000,000,000 | ---D | M]

[2013.02.02 18:25:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\July\AppData\Roaming\mozilla\Extensions
[2014.03.25 21:01:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions
[2014.03.13 23:12:19 | 000,000,000 | ---D | M] (Autocopy) -- C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
[2014.02.17 20:51:42 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013.11.27 09:51:39 | 000,000,000 | ---D | M] (WOT) -- C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014.03.25 21:01:58 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.01.01 22:36:43 | 000,149,045 | ---- | M] () (No name found) -- C:\Users\July\AppData\Roaming\mozilla\firefox\profiles\820sicq2.default-1378316999575\extensions\autofillForms@blueimp.net.xpi
[2013.09.04 19:59:49 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\July\AppData\Roaming\mozilla\firefox\profiles\820sicq2.default-1378316999575\extensions\elemhidehelper@adblockplus.org.xpi
[2014.03.04 21:44:46 | 002,297,084 | ---- | M] () (No name found) -- C:\Users\July\AppData\Roaming\mozilla\firefox\profiles\820sicq2.default-1378316999575\extensions\firebug@software.joehewitt.com.xpi
[2014.01.23 19:45:30 | 000,086,523 | ---- | M] () (No name found) -- C:\Users\July\AppData\Roaming\mozilla\firefox\profiles\820sicq2.default-1378316999575\extensions\fireform@mozilla.org.xpi
[2014.03.05 21:45:05 | 001,393,079 | ---- | M] () (No name found) -- C:\Users\July\AppData\Roaming\mozilla\firefox\profiles\820sicq2.default-1378316999575\extensions\firefox@ghostery.com.xpi
[2014.03.22 14:36:43 | 000,675,577 | ---- | M] () (No name found) -- C:\Users\July\AppData\Roaming\mozilla\firefox\profiles\820sicq2.default-1378316999575\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
[2014.02.26 20:58:01 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\July\AppData\Roaming\mozilla\firefox\profiles\820sicq2.default-1378316999575\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.03.30 15:31:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.03.30 15:31:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.02.02 17:28:01 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 11.0\ACROBAT\BROWSER\WCFIREFOXEXTN
[2013.11.15 04:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\July\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\July\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\July\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U40 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Winamp Detect\npwachk.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.400.43 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.14_0\
CHR - Extension: YouTube = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Hľadať v Google = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: iMacros for Chrome = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\7.0.2_0\
CHR - Extension: Adobe Acrobat – Vytvoriť PDF = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.6.70_0\
CHR - Extension: Norton Identity Protection = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.43_0\
CHR - Extension: Peňaženka Google = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.04.12 12:13:01 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2:64bit: - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [SgfxConfig] C:\Program Files\SGFX\sgfxconfig.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001..\Run: [BrowserChoice] C:\Windows\BrowserChoice\browserchoice.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\July\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{000EB08A-B8EB-4590-B54B-0F5044F6C9AE}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9869C403-5D4F-41BF-88F5-C6BA668EA608}: DhcpNameServer = 193.87.99.178 193.87.99.179
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs:64bit: MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\WINDOWS\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\WINDOWS\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: VIDC.LAGS - C:\WINDOWS\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\WINDOWS\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\WINDOWS\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.04.12 18:32:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\July\Desktop\OTL.exe
[2014.04.12 16:37:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.04.12 12:27:50 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.12 12:27:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.04.12 11:34:47 | 000,000,000 | ---D | C] -- C:\Users\July\Desktop\RK_Quarantine
[2014.04.10 08:13:36 | 000,377,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014.04.10 08:13:34 | 001,287,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014.04.10 08:13:34 | 001,109,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014.03.31 22:16:14 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2014.03.31 22:16:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2014.03.31 22:16:07 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\GEARAspi64.dll
[2014.03.31 22:16:07 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysWow64\GEARAspi.dll
[2014.03.31 22:15:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64
[2014.03.31 22:15:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0600000.04A
[2014.03.31 22:15:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2014.03.31 22:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2014.03.31 18:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.03.31 18:38:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.03.31 18:38:12 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014.03.31 13:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.03.31 13:54:25 | 000,000,000 | ---D | C] -- C:\rsit
[2014.03.31 09:53:53 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014.03.31 09:53:53 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014.03.30 15:31:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.03.28 18:49:57 | 000,000,000 | ---D | C] -- C:\Users\July\AppData\Local\Facebook
[2014.03.22 11:12:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt
[2014.03.20 13:14:25 | 000,000,000 | ---D | C] -- C:\Users\July\AppData\Local\Skype
[2014.03.18 22:51:02 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014.03.18 22:51:01 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014.03.18 22:51:01 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014.03.18 22:51:00 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014.03.18 22:50:59 | 000,749,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014.03.18 22:50:55 | 013,949,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014.03.18 22:50:54 | 018,576,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014.03.18 22:50:52 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014.03.18 22:50:52 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014.03.18 22:50:52 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014.03.18 22:50:51 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014.03.18 22:50:50 | 000,802,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014.03.18 22:50:50 | 000,481,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014.03.18 22:50:49 | 000,914,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014.03.18 22:50:49 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2014.03.18 22:50:49 | 000,770,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014.03.18 22:50:49 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014.03.18 22:50:49 | 000,381,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014.03.18 22:50:48 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014.03.18 22:50:48 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2014.03.18 22:50:48 | 000,419,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014.03.18 22:50:48 | 000,131,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2014.03.18 22:50:47 | 001,720,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014.03.18 22:50:47 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014.03.18 22:50:47 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2014.03.18 22:50:47 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2014.03.18 22:50:47 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[4 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.04.12 18:38:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.04.12 18:32:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\July\Desktop\OTL.exe
[2014.04.12 18:28:56 | 000,816,166 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.04.12 18:28:56 | 000,169,228 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.04.12 18:28:55 | 000,994,468 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.04.12 18:26:42 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.04.12 18:25:30 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.04.12 18:24:38 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.04.12 18:24:31 | 3380,903,936 | -HS- | M] () -- C:\hiberfil.sys
[2014.04.12 18:00:01 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001UA.job
[2014.04.12 18:00:01 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001Core.job
[2014.04.12 17:23:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.04.12 16:43:25 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.04.12 16:31:44 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.04.12 16:13:23 | 001,426,178 | ---- | M] () -- C:\Users\July\Desktop\adwcleaner.exe
[2014.04.12 11:33:53 | 003,972,608 | ---- | M] () -- C:\Users\July\Desktop\RogueKiller.exe
[2014.04.10 11:55:32 | 002,406,789 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\Cat.DB
[2014.04.09 12:17:07 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForJuly.job
[2014.04.08 20:57:45 | 002,773,004 | ---- | M] () -- C:\Users\July\Desktop\Pečiatka_LSH.ai
[2014.04.07 19:26:02 | 000,001,357 | ---- | M] () -- C:\Users\July\Desktop\Diplomová práca.lnk
[2014.04.05 18:48:06 | 000,001,456 | ---- | M] () -- C:\Users\July\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014.04.01 12:24:20 | 000,001,364 | ---- | M] () -- C:\Users\July\Desktop\Norton Installation Files.lnk
[2014.03.31 23:23:52 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.03.31 23:23:52 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.03.19 19:11:44 | 000,030,068 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\VT20140227.006
[2014.03.14 10:59:18 | 005,171,368 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[4 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

July
Visitor
Posts: 40
Registered: 23 Feb 2013 12:21

Re: Possibility of a virus being present

#18 Post by July »

continuation :D
[2014.04.12 18:38:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.04.12 16:12:29 | 001,426,178 | ---- | C] () -- C:\Users\July\Desktop\adwcleaner.exe
[2014.04.12 11:33:34 | 003,972,608 | ---- | C] () -- C:\Users\July\Desktop\RogueKiller.exe
[2014.04.07 19:26:01 | 000,001,357 | ---- | C] () -- C:\Users\July\Desktop\Diplomová práca.lnk
[2014.03.31 22:15:48 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0600000.04A\isolate.ini
[2014.03.31 21:46:10 | 000,001,364 | ---- | C] () -- C:\Users\July\Desktop\Norton Installation Files.lnk
[2014.03.31 11:45:33 | 002,773,004 | ---- | C] () -- C:\Users\July\Desktop\Pečiatka_LSH.ai
[2014.03.18 22:50:53 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014.03.18 22:50:53 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.02.04 01:23:33 | 000,466,407 | ---- | C] () -- C:\Users\July\DSC02167-1.jpg
[2014.02.04 01:17:40 | 000,346,092 | ---- | C] () -- C:\Users\July\DSC02105-1.jpg
[2014.02.04 01:14:44 | 000,755,063 | ---- | C] () -- C:\Users\July\DSC02114-1.jpg
[2014.02.04 01:11:33 | 000,606,085 | ---- | C] () -- C:\Users\July\DSC01939-1.jpg
[2014.01.30 00:02:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013.12.13 11:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013.12.13 11:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013.12.13 11:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013.12.05 10:39:13 | 000,001,456 | ---- | C] () -- C:\Users\July\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013.12.02 21:04:28 | 000,000,000 | ---- | C] () -- C:\Users\July\regbcm
[2013.10.30 10:59:21 | 000,000,132 | ---- | C] () -- C:\Users\July\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013.10.21 16:05:32 | 001,009,338 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013.10.13 17:15:23 | 000,000,600 | ---- | C] () -- C:\Users\July\AppData\Local\PUTTY.RND
[2013.10.12 15:10:31 | 000,000,000 | ---- | C] () -- C:\Users\July\proj1
[2013.09.30 09:30:20 | 000,000,132 | ---- | C] () -- C:\Users\July\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013.09.17 14:02:23 | 000,001,462 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2013.09.16 16:49:33 | 319,656,550 | ---- | C] () -- C:\Users\July\Nik+Software+Complete+Collection+2012.rar
[2013.09.14 12:48:48 | 000,000,049 | -H-- | C] () -- C:\Users\July\a.vbs
[2013.09.14 11:52:18 | 000,000,093 | ---- | C] () -- C:\WINDOWS\Lexstat.ini
[2013.09.14 11:51:18 | 000,274,432 | ---- | C] () -- C:\WINDOWS\SysWow64\LXBKinst.dll
[2013.09.13 14:23:55 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013.09.13 13:53:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.09.13 12:54:38 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\lagarith.dll
[2013.09.13 12:54:37 | 000,650,752 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2013.09.13 12:54:37 | 000,243,200 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2013.09.13 12:54:32 | 000,217,176 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2013.09.13 12:54:29 | 000,112,640 | ---- | C] () -- C:\WINDOWS\SysWow64\ff_vfw.dll
[2013.08.22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.02.21 02:52:22 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013.02.21 02:52:20 | 000,026,936 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsnl.dat
[2013.02.21 02:52:14 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013.02.21 02:52:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsny.dat
[2013.02.21 02:52:10 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.11.28 10:42:06 | 000,026,464 | ---- | C] () -- C:\WINDOWS\snuvcdsm.exe
[2012.11.28 10:42:06 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini

========== ZeroAccess Check ==========

[2014.01.03 17:55:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.12.09 10:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.12.09 06:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.09.13 14:56:18 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Autodesk
[2013.09.13 11:22:13 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\GHISLER
[2013.12.22 18:19:59 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\IDT
[2014.01.05 13:22:40 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Notepad++
[2014.01.22 15:03:39 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\SolidDocuments
[2013.09.12 15:07:28 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Synaptics
[2014.03.18 14:22:21 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\UDC Profiles

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013.08.22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.09.13 11:15:46 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.13 11:15:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.09.13 11:17:56 | 000,000,830 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.10.02 22:33:47 | 000,000,902 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001Core.job
[2013.10.02 22:33:48 | 000,000,954 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001UA.job
[2014.01.22 19:41:28 | 000,000,340 | ---- | C] () -- C:\WINDOWS\Tasks\HPCeeScheduleForJuly.job

< >

< MD5 for: AGP440.SYS >
[2013.08.22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013.08.22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1d5376df88365b19\AGP440.sys
[2013.08.22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013.08.22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013.08.22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013.08.22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2013.08.22 13:41:41 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=37D01B8BC15E263F4405367C9A442824 -- C:\WINDOWS\SysNative\autochk.exe
[2013.08.22 13:41:41 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=37D01B8BC15E263F4405367C9A442824 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2013.08.22 06:13:03 | 000,793,600 | ---- | M] (Microsoft Corporation) MD5=E259644C02551BFAB10B160CF95C8F88 -- C:\Windows\SysWOW64\autochk.exe
[2013.08.22 06:13:03 | 000,793,600 | ---- | M] (Microsoft Corporation) MD5=E259644C02551BFAB10B160CF95C8F88 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013.08.22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013.08.22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013.08.22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013.08.22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013.08.22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2013.10.22 08:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\SysWOW64\explorer.exe
[2013.10.22 08:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013.11.16 14:12:33 | 000,133,444 | ---- | M] () MD5=3DDF61E1B538A1205612192A61CC2376 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2013.10.22 09:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\explorer.exe
[2013.10.22 09:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2013.11.16 14:19:58 | 000,127,825 | ---- | M] () MD5=983D8A3EB94B05A199D3744C0F0C475F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe

< MD5 for: HAL.DLL >
[2013.12.27 17:09:40 | 000,419,160 | ---- | M] (Microsoft Corporation) MD5=1FCA4E287F0ED13BF037A484AA2FE3B1 -- C:\WINDOWS\SysNative\hal.dll
[2013.12.27 17:09:40 | 000,419,160 | ---- | M] (Microsoft Corporation) MD5=1FCA4E287F0ED13BF037A484AA2FE3B1 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll
[2014.03.20 14:53:59 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll

< MD5 for: IASTORV.SYS >
[2013.08.22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013.08.22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013.08.22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2013.08.22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013.08.22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1d5376df88365b19\isapnp.sys
[2013.08.22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys

< MD5 for: LSASS.EXE >
[2013.08.22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\WINDOWS\SysNative\lsass.exe
[2013.08.22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2013.11.16 14:12:57 | 000,123,655 | ---- | M] () MD5=17F1BC1A73EECEA6394EFA770B41DDD3 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014.01.20 19:12:04 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2013.11.25 03:32:57 | 001,119,064 | ---- | M] (Microsoft Corporation) MD5=ED39D676080A1AEA755F1DEC1A8DF1A4 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2013.11.25 03:32:57 | 001,119,064 | ---- | M] (Microsoft Corporation) MD5=ED39D676080A1AEA755F1DEC1A8DF1A4 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys

< MD5 for: NETLOGON.DLL >
[2013.08.22 04:49:21 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=CEBE4E2D2C6F3D6E87201C21B877929C -- C:\Windows\SysWOW64\netlogon.dll
[2013.08.22 04:49:21 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=CEBE4E2D2C6F3D6E87201C21B877929C -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2013.08.22 11:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=E01B8CE6646E055D2B806AE4DD5A1202 -- C:\WINDOWS\SysNative\netlogon.dll
[2013.08.22 11:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=E01B8CE6646E055D2B806AE4DD5A1202 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013.08.22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013.08.22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013.08.22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013.08.22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013.08.22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013.08.22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: SCECLI.DLL >
[2013.08.22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013.08.22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013.08.22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013.08.22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SMSS.EXE >
[2013.08.22 15:25:40 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=89B91AEEE4C0C5D3708C0F177C97B630 -- C:\WINDOWS\SysNative\smss.exe
[2013.08.22 15:25:40 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=89B91AEEE4C0C5D3708C0F177C97B630 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.08.22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013.08.22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013.08.22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013.08.22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.01.20 19:13:19 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014.03.14 14:09:35 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2013.11.16 14:15:16 | 000,250,257 | ---- | M] () MD5=D051052CB1A286833805C2E0F7710F85 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2014.01.29 10:47:44 | 002,543,960 | ---- | M] (Microsoft Corporation) MD5=ECC68BD5347BDE9631EE68274858A41F -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014.01.29 10:47:44 | 002,543,960 | ---- | M] (Microsoft Corporation) MD5=ECC68BD5347BDE9631EE68274858A41F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013.08.22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013.08.22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013.08.22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013.08.22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.08.22 11:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\WINDOWS\SysNative\winlogon.exe
[2013.08.22 11:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< MD5 for: WS2_32.DLL >
[2013.08.22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013.08.22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013.08.22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013.08.22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\WINDOWS\Inf\Intel Storage Counters\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2014.01.02 18:19:37 | 000,520,192 | ---- | M] (Simon Tatham) -- C:\putty.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.10.25 17:57:52 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\ABBYY
[2014.02.14 19:24:33 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Adobe
[2013.09.13 12:12:50 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Apple Computer
[2013.09.12 19:13:21 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Atheros
[2013.09.12 20:44:38 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\ATI
[2013.09.13 14:56:18 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Autodesk
[2013.09.13 11:22:13 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\GHISLER
[2013.09.12 23:35:15 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Hewlett-Packard
[2013.09.12 18:38:22 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\hpqLog
[2013.10.21 19:19:15 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Identities
[2013.12.22 18:19:59 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\IDT
[2013.09.12 18:56:49 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Intel Corporation
[2013.09.13 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Macromedia
[2013.12.27 12:25:57 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Media Player Classic
[2014.01.05 16:15:57 | 000,000,000 | --SD | M] -- C:\Users\July\AppData\Roaming\Microsoft
[2014.03.19 19:57:10 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Mozilla
[2014.01.22 17:44:13 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Nero
[2014.01.05 13:22:40 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Notepad++
[2014.04.11 16:09:48 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Skype
[2014.01.22 15:03:39 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\SolidDocuments
[2013.09.12 15:07:28 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Synaptics
[2014.03.18 14:22:21 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\UDC Profiles
[2014.04.07 17:01:51 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\vlc
[2013.12.22 18:49:00 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\Winamp
[2013.09.13 11:32:25 | 000,000,000 | ---D | M] -- C:\Users\July\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.09.13 14:15:30 | 000,010,134 | R--- | M] () -- C:\Users\July\AppData\Roaming\Microsoft\Installer\{4BE91685-1632-47FC-B563-A8A542C6664C}\_11D36D7D958EACA4F5AF83.exe
[2013.09.13 14:15:30 | 000,010,134 | R--- | M] () -- C:\Users\July\AppData\Roaming\Microsoft\Installer\{4BE91685-1632-47FC-B563-A8A542C6664C}\_5A3AC3DADBD31745DC3DDC.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2014.03.01 04:57:18 | 011,266,048 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2014.03.01 04:57:18 | 011,266,048 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.04.12 18:27:15 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt
[2014.04.10 08:09:01 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mshtml.tlb

< %SYSTEMDRIVE%\*.exe >
[2014.01.02 18:19:37 | 000,520,192 | ---- | M] (Simon Tatham) -- C:\putty.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BrowserChoice" = "C:\Windows\BrowserChoice\browserchoice.exe" /run -- [2013.08.22 14:39:49 | 000,086,816 | ---- | M] (Microsoft Corporation)
"SandboxieControl" = "C:\Program Files\Sandboxie\SbieCtrl.exe" -- [2013.07.08 13:29:02 | 000,759,384 | ---- | M] (Sandboxie Holdings, LLC)
"Google Update" = "C:\Users\July\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2013.09.13 11:15:42 | 000,116,648 | ---- | M] (Google Inc.)
"AdobeBridge" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.04.12 18:38:25 | 000,000,512 | ---- | M] () MD5=4D03127019E76EE52D130522FC468CF0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2009.05.28 14:36:56 | 001,381,596 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Presets\Brushes\CB_22_Cracked_Brushes.abr
[2001.08.14 15:31:08 | 000,030,054 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\Inventor Server\Textures\surfaces\Cracks.bmp
[2001.08.14 13:31:08 | 000,030,054 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2001.08.14 13:31:08 | 000,030,054 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\surfaces\Cracks.bmp
[2011.06.11 16:08:39 | 000,054,722 | ---- | M] () -- \Users\July\1 Škola\2. ročník\LS\Sadovnícke kvetinárstvo\obrázky\Moje stiahnuté\lysimachia_ciliata_firecracker-1.jpg
[2009.05.28 14:36:56 | 001,381,596 | ---- | M] () -- \Users\July\1 Škola\5. ročník\FOR Adobe\Brushes\CB_22_Cracked_Brushes.abr
[2010.07.16 12:09:30 | 003,804,838 | ---- | M] () -- \Users\July\Music\Peťo\Rapalje\[2001] Alesia\01 - The Crack was Ninety in the Isle of Man.mp3
[2010.07.16 12:20:10 | 009,862,145 | ---- | M] () -- \Users\July\Music\Peťo\Rapalje\[2007] Celtic Fire\10 - The Crack Was Ninety.mp3
[2011.09.10 10:41:23 | 006,152,666 | ---- | M] () -- \Users\July\Music\Peťo\Two Steps from Hell - Nero (2011)\33 - Crack In Time.mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.09.23 20:43:52 | 000,012,278 | ---- | M] () -- \Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\WebPublish\BootStrapLoader.swf
[2010.03.09 05:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 02:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 02:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 02:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.02.22 23:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 23:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 23:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.04.21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2013.05.09 02:43:22 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 02:43:22 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.07.18 23:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2012.03.13 12:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 10:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.08.17 10:47:00 | 000,182,496 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\AcAutoLoader.arx
[2011.02.03 23:44:29 | 000,008,416 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\AcAutoLoaderRes.dll
[2011.02.04 01:42:38 | 000,408,288 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\AdDownloaderCore.dll
[2011.01.17 14:43:08 | 000,027,016 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\AecLoader.arx
[2010.11.24 03:35:32 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\AdExchange\loader.gif
[2013.09.13 14:47:22 | 000,000,390 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\Help\contexthelp\APPAUTOLOADER.htm
[2011.01.24 22:13:08 | 000,047,776 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - English\Inventor Server\Bin\ClrAddinLoader.dll
[2010.06.23 12:08:48 | 000,034,500 | ---- | M] () -- \Program Files\Autodesk\Inventor Fusion 2012\BusyLoader.ani
[2013.05.09 02:43:22 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 02:43:22 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.02.18 13:16:39 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.243_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013.09.30 05:51:54 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013.09.30 05:51:55 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013.09.30 05:51:55 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013.09.30 05:54:15 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014.04.01 19:50:50 | 000,056,273 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_2.2.802.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013.08.22 19:01:26 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2010.06.23 12:08:48 | 000,034,500 | ---- | M] () -- \ProgramData\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2010.08.18 09:41:54 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.06.23 12:08:48 | 000,034,500 | ---- | M] () -- \Users\All Users\Autodesk\Inventor Fusion 2012\Design Data\Loader2.ani
[2010.08.18 09:41:54 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2014.02.17 10:46:26 | 000,003,208 | ---- | M] () -- \Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\skin\ajax-loader.gif
[2014.03.31 18:44:39 | 000,037,843 | ---- | M] () -- \Users\July\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\7.0.2_0\editor\editarea\edit_area\edit_area_loader.js
[2014.01.19 21:21:22 | 000,001,174 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\1R6LJS5B\downloader[1].js
[2014.02.18 18:54:29 | 000,111,819 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\6818U8M6\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014.02.08 16:17:32 | 000,111,438 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\6818U8M6\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014.02.18 18:54:37 | 000,001,870 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\6818U8M6\AdLoader[1].htm
[2014.01.19 21:21:22 | 000,000,723 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\6818U8M6\downloaderror[1].js
[2014.01.01 17:49:56 | 000,110,991 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\RA62LKJE\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2014.03.04 21:09:12 | 000,001,870 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\RA62LKJE\AdLoader[1].htm
[2014.03.04 21:09:12 | 000,112,122 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\VA4WXZOV\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014.02.18 18:54:29 | 000,001,870 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\IE\VA4WXZOV\AdLoader[1].htm
[2014.04.12 16:59:05 | 000,032,718 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\0IBMHTGU\loader.cxp[1].js
[2014.04.12 12:58:56 | 000,001,656 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\D40A8P3L\qualtricsLoader[1].js
[2014.04.12 12:42:32 | 000,001,231 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\E4MOZS39\oneMscomJsCssLoader[1].js
[2014.04.11 20:43:31 | 000,002,902 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\JXPFFKBX\loader.17e9b4eca3c4dbbcb5be44b22660bdb3[1].gif
[2014.04.12 12:44:01 | 000,004,448 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\TABFV5YR\Advert.Advantage.Reloader[1].js
[2014.01.28 20:35:56 | 000,072,638 | ---- | M] () -- \Users\July\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.01.28 20:35:56 | 000,003,032 | ---- | M] () -- \Users\July\AppData\Local\Skype\Apps\login\images\loader.png
[2014.01.28 20:35:56 | 000,006,012 | ---- | M] () -- \Users\July\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.01.28 20:35:56 | 000,021,956 | ---- | M] () -- \Users\July\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.01.28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\July\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.03.31 21:40:51 | 001,022,080 | ---- | M] () -- \Users\July\Downloads\NBRT-Retail-Downloader.exe
[2010.10.20 21:00:50 | 003,726,063 | ---- | M] () -- \Users\July\Music\Skladby\Toploader - Dancing In The Moonlight.mp3
[2014.03.31 21:40:51 | 001,022,080 | ---- | M] () -- \Users\Public\Downloads\Norton\{NBRT60-B74-Retail-4abb-B07C-C084B04B4F12}\NBRT-Retail-Downloader.exe
[2014.02.14 17:23:24 | 000,017,920 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\ee262c4948f494839b881fc8f6ac55e0\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014.02.14 17:23:24 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\ee262c4948f494839b881fc8f6ac55e0\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2012.10.01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 21:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 21:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.10.21 16:13:01 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.CLRLoader.dll
[2014.04.01 12:24:22 | 000,061,372 | ---- | M] () -- \Windows\Prefetch\NBRT-RETAIL-DOWNLOADER.EXE-3F8287F3.pf
[2013.08.22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.08.22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 16:52:34 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2013.08.22 16:52:33 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2013.08.22 13:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013.08.22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2013.09.30 05:48:33 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2013.10.28 21:58:56 | 000,009,321 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winload.efi.mui_35ee487d
[2013.10.28 21:58:56 | 000,009,332 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winload.exe.mui_3bc5b827
[2013.10.28 21:58:56 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winresume.efi.mui_f412814e
[2013.10.28 21:58:56 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7_winresume.exe.mui_ff8b5358
[2014.03.13 20:37:59 | 000,000,550 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16496_none_4bdc4ccb40a43282.manifest
[2014.03.14 14:44:57 | 000,717,185 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16496_none_4bdc4ccb40a43282_winload.efi_75834aa0
[2014.03.14 14:45:00 | 000,654,653 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16496_none_4bdc4ccb40a43282_winload.exe_75835076
[2014.03.14 14:45:03 | 000,640,528 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16496_none_4bdc4ccb40a43282_winresume.efi_85cd069f
[2014.03.14 14:45:05 | 000,581,014 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16496_none_4bdc4ccb40a43282_winresume.exe_85cd1215
[2013.08.22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013.09.30 05:47:17 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2013.08.22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013.09.30 06:02:33 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013.09.30 06:07:09 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2013.12.14 13:41:12 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014.03.13 12:05:02 | 000,000,550 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16496_none_4bdc4ccb40a43282.manifest
[2013.08.22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013.08.22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >
[2014.04.12 16:58:37 | 000,000,099 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\CD7OJNLC\mailboxlastnode[1].gif

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2010.03.27 06:01:10 | 000,577,984 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\boost_serialization.dll
[2010.08.20 10:43:02 | 000,242,984 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\BDCore10\boost_serialization-mt.dll
[2010.08.20 10:43:16 | 000,165,160 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\BDCore10\boost_wserialization-mt.dll
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.13 20:32:43 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2013.08.03 06:41:46 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008.07.31 12:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R4\en-US\Webdepot\RTSerialNumberHelp.html
[2013.09.13 07:01:52 | 000,167,528 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2013.09.13 07:01:52 | 000,210,024 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2014.02.14 00:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.13 20:33:34 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2013.10.22 01:55:10 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014.04.12 09:44:48 | 000,307,709 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\E4MOZS39\pozor-stahovanie-filmov-serialov-na-slovensku-nelegalne-trest-3-roky[1].htm
[2014.04.12 09:44:55 | 000,000,017 | ---- | M] () -- \Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\E4MOZS39\pozor-stahovanie-filmov-serialov-na-slovensku-nelegalne-trest-3-roky[2].htm
[2013.08.17 02:06:31 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.22 01:55:12 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.14 17:30:05 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\f49308848852427c29a07c781f2b2198\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 17:27:05 | 000,306,176 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\136511c9cc301e0cc8abf5236cee7366\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 17:27:05 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\136511c9cc301e0cc8abf5236cee7366\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.14 10:54:01 | 002,804,736 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b110ef93e43ad2abdfa7b12c99443144\System.Runtime.Serialization.ni.dll
[2014.02.14 10:54:01 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b110ef93e43ad2abdfa7b12c99443144\System.Runtime.Serialization.ni.dll.aux
[2014.02.14 17:11:00 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\c4c921022001c9e3f10f290e14eeb293\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 17:11:00 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\c4c921022001c9e3f10f290e14eeb293\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.14 13:33:34 | 003,530,752 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7aff7773a067dd551ea971df8030f45a\System.Runtime.Serialization.ni.dll
[2014.02.14 13:33:34 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7aff7773a067dd551ea971df8030f45a\System.Runtime.Serialization.ni.dll.aux
[2013.08.22 17:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2012.10.01 21:36:32 | 000,166,864 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\AS_Client_BackEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2012.10.01 21:36:32 | 000,209,360 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\AS_Client_Common_FrontEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2013.08.10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.08.10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.08.10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.08.10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.08.10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2013.08.17 02:06:31 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.22 01:55:16 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.08.10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.08.10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.08.10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.08.10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.08.10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.08.10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.08.17 02:06:27 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.22 01:55:14 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.08.10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.08.10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.08.10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.08.10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.08.10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.08.10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.08.22 15:08:06 | 000,008,830 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.cat
[2013.08.22 14:36:48 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.mum
[2013.08.22 13:07:12 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~sk-SK~6.3.9600.16384.cat
[2013.08.22 12:41:06 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~sk-SK~6.3.9600.16384.mum
[2013.08.22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013.08.22 08:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2013.08.22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2013.08.22 15:08:06 | 000,008,830 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~en-US~6.3.9600.16384.cat
[2013.08.22 13:07:12 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~sk-SK~6.3.9600.16384.cat
[2013.08.22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013.09.30 05:47:46 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013.08.22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013.10.21 16:07:11 | 000,004,224 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.PNF
[2013.08.22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2013.09.30 05:47:55 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2013.08.22 04:34:12 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2013.08.22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013.09.30 05:47:55 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2013.08.22 04:34:12 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2013.09.30 05:47:46 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013.08.22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2013.09.30 05:47:55 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_en-us_827f8cf89e9c274e\serialui.dll.mui
[2013.08.22 04:34:12 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_sk-sk_6abba959e4bb151f\serialui.dll.mui
[2013.08.22 13:13:54 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2013.09.30 05:47:46 | 000,010,240 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f8cacded072dc6f7\serial.sys.mui
[2013.08.22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2013.08.10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013.08.10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013.08.10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2013.08.10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2013.08.10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013.08.10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2013.08.17 02:06:27 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.22 01:55:14 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2013.10.22 01:55:10 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2013.09.30 05:46:39 | 000,000,281 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_en-us_0659b95168cd2142.manifest
[2013.10.21 20:34:05 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_sk-sk_ee95d5b2aeec0f13.manifest
[2013.09.30 05:46:54 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013.08.22 17:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013.08.22 15:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013.08.22 17:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013.08.22 17:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013.08.22 17:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013.08.22 17:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013.08.22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2013.08.22 17:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013.08.22 17:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013.08.22 17:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2013.08.22 17:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2013.08.22 17:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013.08.22 17:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013.08.22 17:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2013.09.30 05:47:27 | 000,000,149 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_en-us_80951863a93f3c56.manifest
[2013.09.30 05:47:25 | 000,000,152 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_en-us_d5f7bfa5c739f91d.manifest
[2013.08.22 17:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013.08.22 17:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2013.08.22 17:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2013.08.22 17:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013.08.22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013.08.22 17:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2013.08.10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.17 02:06:31 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2013.08.10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013.08.10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2013.10.22 01:55:16 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2013.08.10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2013.08.10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2013.10.22 01:55:12 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2013.08.10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013.08.10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2013.09.30 05:47:55 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_en-us_2660f174e63eb618\serialui.dll.mui
[2013.08.22 04:34:12 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_sk-sk_0e9d0dd62c5da3e9\serialui.dll.mui
[2013.08.22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2013.08.03 06:41:46 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\July\SkyDrive:ms-properties

< End of report >

July
Visitor
Posts: 40
Registered: 23 Feb 2013 12:21

Re: Possible presence of a virus

#19 Post by July »

second log

OTL Extras logfile created on: 12.4.2014 18:35:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\July\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

3,94 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 62,50% Memory free
4,81 Gb Paging File | 2,95 Gb Available in Paging File | 61,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 574,02 Gb Total Space | 84,84 Gb Free Space | 14,78% Space Free | Partition Type: NTFS
Drive D: | 16,85 Gb Total Space | 2,50 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
Drive E: | 4,98 Gb Total Space | 4,97 Gb Free Space | 99,67% Space Free | Partition Type: FAT32

Computer Name: MAŤKO | User Name: July | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1362896159-3011310148-4193956620-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = AutoCADScriptFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{091E8550-6C0F-4B29-9627-ADD56033DEB1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4E222E0-E752-43EF-BBAB-412075A697D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03FB751F-2779-4596-9C13-8F1751E2B08C}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{0527AF55-97A2-4D04-AFCE-937106A12F4C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{06F46827-09B1-4583-B908-55BD9AC95361}" = dir=out | name=@{microsoft.zunevideo_2.2.802.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1050DE2E-0313-4CC5-851D-FF1BD7D7A537}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{10964B8C-F967-4B61-B48F-F2E10F509C9B}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{13277927-4683-4F97-863F-6851BF87BC20}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{174910CD-0A20-44FF-9963-9878CCC373B9}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{196D3E6F-79C7-44B9-85E8-69C404DC1903}" = dir=out | name=f5 vpn |
"{1A870B4A-5E0E-48E2-B6A3-1AB44993009A}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1AAFE29A-A6BF-4B04-B8E6-BC5EE35ADBD8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{1AD444DA-C7F0-434B-830B-0F99E12FFF60}" = dir=out | name=windows_ie_ac_001 |
"{1D3A5B3D-C321-49BA-B49D-C382A99C61A9}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{1D9DC579-209F-4E00-98A0-54492C76C30B}" = dir=in | name=skype |
"{1E4ACBDF-6DDF-405B-8828-7F7FB9E3E6B5}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{21D91B10-D9EE-4E0E-87BB-D47A034724B0}" = dir=out | name=sonicwall mobile connect |
"{229EDBEB-EE4D-4DD0-B120-6A2E9A003621}" = dir=out | name=skype |
"{22C6EC0B-0224-44C7-9A23-91DCEA391FD1}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{2AF901EF-D1DF-49F7-90F0-3866BED79E86}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{37EB26C6-3250-4EFD-9CAB-ACEB8B32D1DA}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\uwa\logtransport2.exe |
"{3AD9E40F-912B-4DE8-A719-D7D3AB02990A}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe |
"{3E4107E3-50F8-449A-A0BE-588F541366F9}" = dir=out | app=%programfiles% (x86)\adobe\acrobat 11.0\acrobat\acrobat.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4D79A65B-5115-49C5-9DD5-E99BCD0E2CA9}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4F013820-8A41-4649-9C17-C4D917F60060}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\core\pdapp.exe |
"{53012A6F-434E-4E1C-9215-7D62D81BCE56}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{5491EACA-62F7-4D7C-921A-19DD8B2A4B28}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{5530BEE7-4B95-40DE-B4AF-C55AE94FEE48}" = dir=in | name=check point vpn |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5A5AA7EA-1ED4-4E67-AA80-93CC8079F3D5}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5C6D15B4-A824-4DAD-9E1C-E5AD9ECC2F2A}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\uwa\adobe application manager (updater).exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F85E0F8-48CE-4848-951B-FDCD4C9EDBCB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{6057DDBD-CD90-4A11-9E93-6CB48DE62AEB}" = dir=out | name=@{microsoft.bingweather_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{66BCADF1-B3C9-4F4C-9088-E7E03EBB8898}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{66D09B89-3256-4C24-B2C3-4D9657971350}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{691B3206-5787-4645-A63B-3C9199E78F2A}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6DE61CBE-46A0-4B10-AF50-F04BE181A943}" = dir=in | name=f5 vpn |
"{6FCC18E8-600C-4338-A9B9-570B24C4A647}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6FF91043-61E0-4257-B367-7B9CD8DD5C16}" = dir=out | name=@{microsoft.bingsports_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{736056D9-B68B-418F-9F29-C3BCD43AA686}" = dir=out | name=@{microsoft.zunemusic_2.2.800.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{75056866-F3B0-4AB5-854F-872F7BA56DFF}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{77CB67FE-25FC-416C-B07A-09DA87A4148A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{7842DCC9-939F-4EDC-8429-D6AE127F5F44}" = dir=out | name=@{microsoft.bingfinance_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{7BFCD441-A1C9-4D09-9BBF-2AEB6E9FF93A}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\p6\aam registration notifier.exe |
"{7FA41B75-0202-4144-9109-F10FC8EC7184}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{83A091D6-65CE-4954-B7BF-66CEC1F212CE}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{858AA6B3-1FD4-4942-B174-9E01C934F618}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{91D26115-3B0F-4561-8BD0-DD754F628CD5}" = dir=out | name=@{microsoft.bingnews_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{AB4AC873-FCD6-4D82-8F89-7BA63E02CA4A}" = dir=out | name=check point vpn |
"{AB4F3F7A-CECB-499D-9663-61851FA697F4}" = dir=in | name=sonicwall mobile connect |
"{AE21AACA-22A8-4D66-AFBA-7EF7CF9D4C3B}" = dir=in | name=juniper networks junos pulse |
"{B087F6AB-7466-4B4F-8A6F-2D9C45CB5D97}" = dir=out | name=windows_ie_ac_001 |
"{B09C1768-50DF-4603-8022-B46967422761}" = dir=out | app=%programfiles% (x86)\common files\adobe\arm\1.0\armsvc.exe |
"{B128CB31-AE02-49BA-A7AB-27DD2926FC09}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\uwa\aamlauncher.exe |
"{B4A008AE-DC7C-4839-AAA5-075FF83A9C10}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B9FDD26A-69C1-48FE-8071-BC2DBCFC3DE2}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C209DB8E-EEB0-4955-9AFD-78E672CB581D}" = dir=out | name=juniper networks junos pulse |
"{C4BEC81A-3D4E-4DAE-9290-ED6A67387D8D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{CA6D582A-179A-42E2-95BA-BA51EF5FF34A}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{D16F4264-2797-4F40-B80A-3E111BA6AC30}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{D1F8CF5B-CC31-405D-9C34-E2A3EC6CBD03}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DA06A449-4054-415D-AAE9-979095F44218}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E90E7A53-1D65-4BD5-A9ED-B6FD9564FB99}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\uwa\aam updates notifier.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ED5073D1-C4E1-4705-AB67-B7E13987484A}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F2DFA560-93AB-4954-A48E-1A1C65B6697A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{F391623F-5044-43C2-8849-9328E6072D99}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\p6\adobe_licutil.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FA2823FB-3052-475C-B3F9-39DCAD4606BB}" = dir=out | app=%programfiles% (x86)\common files\adobe\arm\1.0\adobearm.exe |
"{FE3A065E-EA68-4737-BD02-A01EE51C9360}" = dir=out | app=%programfiles% (x86)\common files\adobe\oobe\pdapp\uwa\aam updates notifier.exe |
"{FE4FA0B0-2E27-496A-993B-2FEC537B3050}" = dir=out | name=@{microsoft.bingtravel_3.0.2.243_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{080EC5F6-072E-AF5F-F790-0FFF6B14692E}" = AMD Catalyst Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{259EDF5A-8DF6-4771-A0DA-81F0C846F6E8}" = Core Graphics Software
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{33F3FCBA-4CC5-4A5B-A6DB-53478463D991}" = ViewSpan
"{345841F8-F9F9-9910-134E-49162B7FDDAD}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BE91685-1632-47FC-B563-A8A542C6664C}" = Autodesk Network License Manager
"{5783F2D7-0111-0409-0110-0060B0CE6BBA}" = Autodesk CAD Manager Tools
"{5783F2D7-A001-0409-0102-0060B0CE6BBA}" = AutoCAD 2012 - English
"{5783F2D7-A001-0409-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0015-041B-1000-0000000FF1CE}" = Microsoft Access MUI (Slovak) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0016-041B-1000-0000000FF1CE}" = Microsoft Excel MUI (Slovak) 2013
"{90150000-0017-041B-1000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Slovak) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0018-041B-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Slovak) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-0019-041B-1000-0000000FF1CE}" = Microsoft Publisher MUI (Slovak) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001A-041B-1000-0000000FF1CE}" = Microsoft Outlook MUI (Slovak) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001B-041B-1000-0000000FF1CE}" = Microsoft Word MUI (Slovak) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-0044-041B-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Slovak) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-0090-041B-1000-0000000FF1CE}" = Microsoft DCF MUI (Slovak) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00A1-041B-1000-0000000FF1CE}" = Microsoft OneNote MUI (Slovak) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00BA-041B-1000-0000000FF1CE}" = Microsoft Groove MUI (Slovak) 2013
"{90150000-00BD-041B-1000-0000000FF1CE}" = Microsoft Office ScreenTip Language 2013 - slovenčina
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00C1-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E1-041B-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Slovak) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-00E2-041B-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Slovak) 2013
"{90150000-0100-041B-1000-0000000FF1CE}" = Microsoft Office O MUI (Slovak) 2013
"{90150000-0101-041B-1000-0000000FF1CE}" = Microsoft X MUI (Slovak) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{90150000-012B-041B-1000-0000000FF1CE}" = Microsoft Lync MUI (Slovak) 2013
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A74B7E5F-C221-4303-AC85-39A5AFBDABDD}" = SMSC LAN9500 Device Driver
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E552C39C-C70E-464F-9733-8311331BDD90}" = пакет локализации подключаемого модуля Autodesk Inventor Fusion для AutoCAD 2012
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = подключаемый модуль Autodesk Inventor Fusion для AutoCAD 2012
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = пакет локализации Autodesk Inventor Fusion 2012
"AutoCAD 2012 - English" = AutoCAD 2012 - English
"AutoCAD 2012 - English SP1" = AutoCAD 2012 - English SP1
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Lexmark X1100 Series" = Lexmark X1100 Series
"Office15.OMUI.sk-sk" = Microsoft Office Language Pack 2013 - Slovak/Slovenčina
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Sandboxie" = Sandboxie 4.04 (64-bit)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 5.00 (64-bitová verzia)
"подключаемый модуль Autodesk Inventor Fusion для AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1812E293-E2D1-3072-0ED4-C15163533D7E}" = CCC Help Swedish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25087F13-EBE7-C817-CA31-08C196F73B23}" = CCC Help Hungarian
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{29043AAA-3A1A-D36B-C1CB-E201FA72C16A}" = CCC Help Dutch
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP HD Webcam Driver
"{3C7F465C-765F-A038-60BE-03B7301B0161}" = CCC Help Norwegian
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{42321261-5D40-644C-1235-927141D4FA20}" = CCC Help Portuguese
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{446CF7B3-EE4D-1C10-E2B7-87C1C8517FE8}" = CCC Help Korean
"{450BED09-F405-87EE-CD52-5055B1EF8F72}" = CCC Help Chinese Standard
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4D628C2E-D9F7-2D3A-E610-00F4D52F219F}" = CCC Help Polish
"{4E0201A5-651E-90BE-5A4A-14420B36A4EF}" = Catalyst Control Center InstallProxy
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{553B5DE6-496A-4328-DE0B-D1C83F7FE4D8}" = CCC Help Turkish
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5EA2099A-0249-1D98-5387-0BEF207D72AA}" = AMD Catalyst Control Center
"{632396AA-8A78-A9A4-0945-7E24DF3F5B6C}" = CCC Help French
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64592305-22DF-6756-FD51-1B7234D4C6AB}" = CCC Help Russian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{6DC13EFF-D4FF-65B6-7538-8B3E6075853F}" = Catalyst Control Center InstallProxy
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75BF632E-4761-4CF4-A368-E158B8A1BB1C}" = HP Port Replicator Software Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BC48761-EE54-AA23-5607-0D11B7550CFB}" = CCC Help Italian
"{7C58E0C8-89FB-7E36-158C-5DC0B57027D9}" = CCC Help Czech
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{87270A4A-EDE9-BFDF-AE0C-0FBDEEA5D4BD}" = CCC Help Thai
"{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}" = Catalyst Control Center
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{8F1ABC89-3D34-1D8B-DF69-EC9198604283}" = CCC Help Spanish
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{96DAF3C6-C2D4-5804-E219-86C034A02355}" = CCC Help Japanese
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{97D0A3DE-2A0E-CBD3-2023-31E9B04A197C}_is1" = Microsoft Toolkit 2.4.7 Official version for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5
"{9BB69BDB-FE40-24D2-3822-828FB6DF6DE2}" = CCC Help German
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Movie ThemePack 4
"{A71019D0-8C9D-DB8D-2801-CBFC736FF307}" = CCC Help Danish
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AC76BA86-7AD7-1051-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Slovak
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B99E1A30-E349-FA3B-80F7-FB55EBC40996}" = CCC Help Chinese Traditional
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C28E9DF6-C68D-18DF-076C-7E92B9F30A96}" = CCC Help English
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Qualcomm Atheros Driver Installation Program
"{C68D4599-2D2A-2060-39D0-0B3DEA861657}" = Catalyst Control Center Localization All
"{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D82ABA2F-492B-440F-A9BC-12331B17EEA9}" = HP Software Framework
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Movie ThemePack 3
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE531675-A09C-51DD-F356-ECA9D6857039}" = Adobe Community Help
"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{F940E929-2FFF-1F4E-7ECB-DE1B0377D627}" = CCC Help Finnish
"{FB8AF07B-42FB-4746-058A-B6A063472452}" = CCC Help Greek
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Audacity_is1" = Audacity 2.0.4
"Color Efex Pro 4" = Color Efex Pro 4
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Core Graphics Software" = SMSC Core Graphics Software
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 10.0.5
"Lexicon5" = Lingea Lexicon 5
"Mozilla Firefox 28.0 (x86 sk)" = Mozilla Firefox 28.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NBRTWizard" = Norton Bootable Recovery Tool Wizard
"NIS" = Norton Internet Security
"Notepad++" = Notepad++
"PDFTools_is1" = PDFTools Version 1.3 (08/26/2007)
"Silver Efex Pro 2" = Silver Efex Pro 2
"Universal Document Converter_is1" = Universal Document Converter Server Edition
"VLC media player" = VLC media player 2.0.8
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1362896159-3011310148-4193956620-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.4.2014 10:48:22 | Computer Name = Maťko | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01b
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12.4.2014 11:08:20 | Computer Name = Maťko | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01b
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12.4.2014 11:15:08 | Computer Name = Maťko | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: explorer.exe, verzia: 6.3.9600.16441,
časová značka: 0x5265dec8 Názov chybujúceho modulu: KERNELBASE.dll, verzia: 6.3.9600.16656,
časová značka: 0x5318237f Kód výnimky: 0xc06d007e Odstup chyby: 0x00000000000043c8
Identifikácia
chybujúceho procesu: 0x1c4 Čas spustenia chybujúcej aplikácie: 0x01cf5661fb3fb22b
Cesta
chybujúcej aplikácie: C:\WINDOWS\explorer.exe Cesta chybujúceho modulu: C:\WINDOWS\system32\KERNELBASE.dll
Identifikácia
hlásenia: 3b5102b3-c255-11e3-bee0-2c413811a24c Celé meno chybujúceho balíka: Identifikácia
chybujúcej aplikácie vzhľadom na balík:

Error - 12.4.2014 11:15:19 | Computer Name = Maťko | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: explorer.exe, verzia: 6.3.9600.16441,
časová značka: 0x5265dec8 Názov chybujúceho modulu: KERNELBASE.dll, verzia: 6.3.9600.16656,
časová značka: 0x5318237f Kód výnimky: 0xc06d007e Odstup chyby: 0x00000000000043c8
Identifikácia
chybujúceho procesu: 0x1c4 Čas spustenia chybujúcej aplikácie: 0x01cf5661fb3fb22b
Cesta
chybujúcej aplikácie: C:\WINDOWS\explorer.exe Cesta chybujúceho modulu: C:\WINDOWS\system32\KERNELBASE.dll
Identifikácia
hlásenia: 4200f278-c255-11e3-bee0-2c413811a24c Celé meno chybujúceho balíka: Identifikácia
chybujúcej aplikácie vzhľadom na balík:

Error - 12.4.2014 12:10:36 | Computer Name = Maťko | Source = Chrome | ID = 1
Description =

Error - 12.4.2014 12:24:49 | Computer Name = Maťko | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start

Error - 12.4.2014 12:26:35 | Computer Name = Maťko | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: explorer.exe, verzia: 6.3.9600.16441,
časová značka: 0x5265dec8 Názov chybujúceho modulu: KERNELBASE.dll, verzia: 6.3.9600.16656,
časová značka: 0x5318237f Kód výnimky: 0xc06d007e Odstup chyby: 0x00000000000043c8
Identifikácia
chybujúceho procesu: 0x94 Čas spustenia chybujúcej aplikácie: 0x01cf566befd2891d
Cesta
chybujúcej aplikácie: C:\WINDOWS\explorer.exe Cesta chybujúceho modulu: C:\WINDOWS\system32\KERNELBASE.dll
Identifikácia
hlásenia: 367b9822-c25f-11e3-bee2-2c413811a24c Celé meno chybujúceho balíka: Identifikácia
chybujúcej aplikácie vzhľadom na balík:

Error - 12.4.2014 12:28:04 | Computer Name = Maťko | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: explorer.exe, verzia: 6.3.9600.16441,
časová značka: 0x5265dec8 Názov chybujúceho modulu: KERNELBASE.dll, verzia: 6.3.9600.16656,
časová značka: 0x5318237f Kód výnimky: 0xc06d007e Odstup chyby: 0x00000000000043c8
Identifikácia
chybujúceho procesu: 0x94 Čas spustenia chybujúcej aplikácie: 0x01cf566befd2891d
Cesta
chybujúcej aplikácie: C:\WINDOWS\explorer.exe Cesta chybujúceho modulu: C:\WINDOWS\system32\KERNELBASE.dll
Identifikácia
hlásenia: 6bce3336-c25f-11e3-bee2-2c413811a24c Celé meno chybujúceho balíka: Identifikácia
chybujúcej aplikácie vzhľadom na balík:

Error - 12.4.2014 12:28:55 | Computer Name = Maťko | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01b
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12.4.2014 12:32:48 | Computer Name = Maťko | Source = Application Error | ID = 1000
Description = Názov chybujúcej aplikácie: explorer.exe, verzia: 6.3.9600.16441,
časová značka: 0x5265dec8 Názov chybujúceho modulu: KERNELBASE.dll, verzia: 6.3.9600.16656,
časová značka: 0x5318237f Kód výnimky: 0xc06d007e Odstup chyby: 0x00000000000043c8
Identifikácia
chybujúceho procesu: 0x94 Čas spustenia chybujúcej aplikácie: 0x01cf566befd2891d
Cesta
chybujúcej aplikácie: C:\WINDOWS\explorer.exe Cesta chybujúceho modulu: C:\WINDOWS\system32\KERNELBASE.dll
Identifikácia
hlásenia: 14cd8a24-c260-11e3-bee2-2c413811a24c Celé meno chybujúceho balíka: Identifikácia
chybujúcej aplikácie vzhľadom na balík:

[ System Events ]
Error - 12.4.2014 12:23:05 | Computer Name = Maťko | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Server, od ktorej závisí služba Computer Browser,
zlyhalo kvôli nasledujúcej chybe: %%1068

Error - 12.4.2014 12:23:30 | Computer Name = Maťko | Source = DCOM | ID = 10005
Description =

Error - 12.4.2014 12:23:52 | Computer Name = Maťko | Source = DCOM | ID = 10005
Description =

Error - 12.4.2014 12:23:52 | Computer Name = Maťko | Source = DCOM | ID = 10005
Description =

Error - 12.4.2014 12:24:06 | Computer Name = Maťko | Source = DCOM | ID = 10005
Description =

Error - 12.4.2014 12:24:06 | Computer Name = Maťko | Source = DCOM | ID = 10005
Description =

Error - 12.4.2014 12:24:48 | Computer Name = Maťko | Source = SbieDrv | ID = 16843857
Description = SBIE1105 Neznámy operačný systém, verzia: 6.3 (9600)

Error - 12.4.2014 12:24:48 | Computer Name = Maťko | Source = SbieDrv | ID = 16843855
Description = SBIE1103 Sandboxie ovládač (SbieDrv) verzia 4.04 nepodarila sa spustiť

Error - 12.4.2014 12:24:53 | Computer Name = Maťko | Source = SbieSvc | ID = 16851986
Description = SBIE9234 Service startup error level 9153 status=C0000001 error=-1073741823

Error - 12.4.2014 12:25:18 | Computer Name = Maťko | Source = BTHUSB | ID = 327697
Description = Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude
sa používať. Ovládač bol odstránený z pamäte.


< End of report >

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Possible presence of a virus

#20 Post by Márty84 »

:!: Disable your antivirus so that it does not interfere with the program.
:arrow: Run OTL again as administrator.
Paste the following text into the bottom window (including the colon before the word commands).

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001UA.job
C:\WINDOWS\tasks\HPCeeScheduleForJuly.job

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 BD A4 AF 11 F9 CE 01 [binary data]
IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
[2014.03.13 23:12:19 | 000,000,000 | ---D | M] (Autocopy) -- C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-1362896159-3011310148-4193956620-1001..\Run: [AdobeBridge] File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[4 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\WINDOWS\Inf\Intel Storage Counters\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0000\*.tmp -> ]
[2 C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp files -> C:\WINDOWS\Inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
@Alternate Data Stream - 199 bytes -> C:\Users\July\SkyDrive:ms-properties

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"AdobeBridge"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"QuickTime Task"=-
""=-
"Acrobat Assistant 8.0"=-
"AdobeCS6ServiceManager"=-
"AdobeCS5ServiceManager"=-
"SunJavaUpdateSched"=-

Click Opravit (Fix) and let the program work. Agree when asked to restart.
After the restart a new log will appear; post it here.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

July
Visitor
Posts: 40
Registered: 23 Feb 2013 12:21

Re: Possible presence of a virus

#21 Post by July »

Here is the log:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: .NET v4.5
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: .NET v4.5 Classic
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: July
->Temp folder emptied: 778989084 bytes
->Temporary Internet Files folder emptied: 309475628 bytes
->Java cache emptied: 2584089 bytes
->FireFox cache emptied: 34600302 bytes
->Google Chrome cache emptied: 437412440 bytes
->Flash cache emptied: 38235 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1452880 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17384054 bytes
RecycleBin emptied: 220372533 bytes

Total Files Cleaned = 1 719,00 mb


[EMPTYFLASH]

User: .NET v4.5

User: .NET v4.5 Classic

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Default.migrated

User: DefaultAppPool
->Flash cache emptied: 0 bytes

User: July
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1362896159-3011310148-4193956620-1001UA.job moved successfully.
C:\WINDOWS\tasks\HPCeeScheduleForJuly.job moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1362896159-3011310148-4193956620-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-1362896159-3011310148-4193956620-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1362896159-3011310148-4193956620-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\defaults\preferences folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\defaults folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\skin\classic\autocopy folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\skin\classic folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\skin folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\zh-TW folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\sv-SE folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\sk-SK folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\pt-PT folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\pt-BR folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\pl-PL folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\mk-MK folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\ko-KR folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\ja-JP folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\it-IT folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\hu-HU folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\gl-ES folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\fr-FR folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\es-ES folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\es-AR folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\en-US folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\el-GR folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\de-DE folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\da-DK folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\cs-CZ folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy\bg-BG folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale\autocopy folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\locale folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\content\autocopy folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome\content folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}\chrome folder moved successfully.
C:\Users\July\AppData\Roaming\mozilla\Firefox\Profiles\820sicq2.default-1378316999575\extensions\{0FED7D55-65D4-47b6-A6DE-9A4ADB55355F} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1362896159-3011310148-4193956620-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP119.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD1EF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD4B.tmp folder deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmp88BF.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmp88DF.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmpB9EF.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\tmpB9F0.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0000\tmp88BF.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0000\tmpB9EF.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0009\tmp88BF.tmp deleted successfully.
C:\WINDOWS\Inf\Intel Storage Counters\0009\tmpB9EF.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9F21.tmp deleted successfully.
Unable to delete ADS C:\Users\July\SkyDrive:ms-properties .
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 04122014_212046

Files\Folders moved on Reboot...
C:\Users\July\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
File\Folder C:\Users\July\AppData\Local\Temp\AHIAB06.tmp not found!
File\Folder C:\Users\July\AppData\Local\Temp\ogs2 not found!
C:\Users\July\AppData\Local\Temp\ws_Crypto_20140412_0.log moved successfully.
C:\Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\IE\JXPFFKBX\posting[1].htm moved successfully.
C:\Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.
C:\Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\July\AppData\Local\Microsoft\Windows\INetCache\Low\SuggestedSites.dat moved successfully.
C:\Users\July\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Possible presence of a virus

#22 Post by Márty84 »

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In the Additional Option window, tick all the options
  • Click OK
  • Tell the utility to scan: click Start Scan
  • When the scan finishes, a window appears; check that the Skip option is selected everywhere
  • If Skip is not selected by default, switch the option to Skip
  • Once Skip is set everywhere, click Continue
  • On the drive where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.(some digits)_log.txt; paste its contents here

July
Visitor
Posts: 40
Registered: 23 Feb 2013 12:21

Re: Possible presence of a virus

#23 Post by July »

22:57:37.0407 0452 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:57:37.0452 0452 ============================================================
22:57:37.0452 0452 Current date / time: 2014/04/12 22:57:37.0452
22:57:37.0452 0452 SystemInfo:
22:57:37.0452 0452
22:57:37.0452 0452 OS Version: 6.2.9200 ServicePack: 0.0
22:57:37.0452 0452 Product type: Workstation
22:57:37.0452 0452 ComputerName: MAŤKO
22:57:37.0452 0452 UserName: July
22:57:37.0452 0452 Windows directory: C:\WINDOWS
22:57:37.0452 0452 System windows directory: C:\WINDOWS
22:57:37.0452 0452 Running under WOW64
22:57:37.0452 0452 Processor architecture: Intel x64
22:57:37.0452 0452 Number of processors: 4
22:57:37.0452 0452 Page size: 0x1000
22:57:37.0452 0452 Boot type: Normal boot
22:57:37.0452 0452 ============================================================
22:57:38.0832 0452 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:57:38.0832 0452 ============================================================
22:57:38.0832 0452 \Device\Harddisk0\DR0:
22:57:38.0832 0452 MBR partitions:
22:57:38.0832 0452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
22:57:38.0832 0452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x47C0B000
22:57:38.0832 0452 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x47CA1800, BlocksNum 0x21B5000
22:57:38.0832 0452 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x49E56800, BlocksNum 0x9FD800
22:57:38.0832 0452 ============================================================
22:57:38.0877 0452 C: <-> \Device\Harddisk0\DR0\Partition2
22:57:38.0922 0452 D: <-> \Device\Harddisk0\DR0\Partition3
22:57:38.0937 0452 E: <-> \Device\Harddisk0\DR0\Partition4
22:57:38.0937 0452 ============================================================
22:57:38.0937 0452 Initialize success
22:57:38.0937 0452 ============================================================
23:00:16.0829 1520 ============================================================
23:00:16.0829 1520 Scan started
23:00:16.0829 1520 Mode: Manual; SigCheck; TDLFS;
23:00:16.0829 1520 ============================================================
23:00:17.0219 1520 ================ Scan system memory ========================
23:00:17.0219 1520 System memory - ok
23:00:17.0219 1520 ================ Scan services =============================
23:00:17.0422 1520 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
23:00:17.0532 1520 1394ohci - ok
23:00:17.0563 1520 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
23:00:17.0610 1520 3ware - ok
23:00:17.0735 1520 [ 77B8A30E614786BB8F878D2B9346F6CC ] ABBYY.Licensing.FineReader.Professional.9.0 C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
23:00:17.0813 1520 ABBYY.Licensing.FineReader.Professional.9.0 - ok
23:00:17.0860 1520 [ 3D30878A269D934100FA5F972E53AF39 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
23:00:17.0922 1520 ACPI - ok
23:00:17.0954 1520 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
23:00:18.0001 1520 acpiex - ok
23:00:18.0032 1520 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
23:00:18.0094 1520 acpipagr - ok
23:00:18.0126 1520 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
23:00:18.0204 1520 AcpiPmi - ok
23:00:18.0219 1520 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
23:00:18.0266 1520 acpitime - ok
23:00:18.0298 1520 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:00:18.0344 1520 ADP80XX - ok
23:00:18.0376 1520 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
23:00:18.0485 1520 AeLookupSvc - ok
23:00:18.0563 1520 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
23:00:18.0688 1520 AESTFilters ( UnsignedFile.Multi.Generic ) - warning
23:00:18.0688 1520 AESTFilters - detected UnsignedFile.Multi.Generic (1)
23:00:18.0735 1520 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
23:00:18.0829 1520 AFD - ok
23:00:18.0844 1520 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
23:00:18.0876 1520 agp440 - ok
23:00:18.0907 1520 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:00:19.0016 1520 ahcache - ok
23:00:19.0063 1520 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
23:00:19.0157 1520 ALG - ok
23:00:19.0188 1520 [ 66B54471B5856E314947881E28263A6D ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
23:00:19.0360 1520 AMD External Events Utility - ok
23:00:19.0376 1520 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
23:00:19.0470 1520 AmdK8 - ok
23:00:19.0720 1520 [ FBB35875FEFE53D4280259842069ED72 ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
23:00:20.0157 1520 amdkmdag - ok
23:00:20.0204 1520 [ A32BCAD9377E3B75D034CAFBA463A0AE ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
23:00:20.0282 1520 amdkmdap - ok
23:00:20.0329 1520 [ 8A375CB3B6D1A56A2AEEE72A5F1D0926 ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
23:00:20.0360 1520 amdkmpfd - ok
23:00:20.0376 1520 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
23:00:20.0470 1520 AmdPPM - ok
23:00:20.0501 1520 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
23:00:20.0532 1520 amdsata - ok
23:00:20.0548 1520 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
23:00:20.0579 1520 amdsbs - ok
23:00:20.0595 1520 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
23:00:20.0610 1520 amdxata - ok
23:00:20.0688 1520 [ 9DCB42905F1EBF9CEC57EE5DF0BDA965 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
23:00:20.0782 1520 AppHostSvc - ok
23:00:20.0813 1520 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
23:00:20.0876 1520 AppID - ok
23:00:20.0923 1520 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
23:00:21.0001 1520 AppIDSvc - ok
23:00:21.0017 1520 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
23:00:21.0095 1520 Appinfo - ok
23:00:21.0126 1520 [ 8176FBA685178FB0F52D46693474FA50 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
23:00:21.0188 1520 AppMgmt - ok
23:00:21.0251 1520 [ 4B964AE0DF433A3BFA7BD24713BC2E9B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
23:00:21.0360 1520 AppReadiness - ok
23:00:21.0454 1520 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
23:00:21.0563 1520 AppXSvc - ok
23:00:21.0595 1520 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
23:00:21.0610 1520 arcsas - ok
23:00:21.0735 1520 [ AA2E8C6B8D7EA7BAF04C988801927F48 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:00:21.0767 1520 aspnet_state - ok
23:00:21.0813 1520 [ 3DB7721F06BC2FEDB25029EA23AB27DA ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:00:21.0860 1520 AsyncMac - ok
23:00:21.0892 1520 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
23:00:21.0907 1520 atapi - ok
23:00:21.0938 1520 [ 025D1977A84BE0FA95505069DDCF7120 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
23:00:22.0017 1520 AtherosSvc - ok
23:00:22.0142 1520 [ B04BF12AEBFB5E71971B4EDA4EDFC196 ] athr C:\WINDOWS\system32\DRIVERS\athwnx.sys
23:00:22.0313 1520 athr - ok
23:00:22.0376 1520 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:00:22.0470 1520 AudioEndpointBuilder - ok
23:00:22.0501 1520 [ EF276593AD1BDF5A99032F62D6272848 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
23:00:22.0579 1520 Audiosrv - ok
23:00:22.0642 1520 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
23:00:22.0689 1520 Autodesk Content Service - ok
23:00:22.0720 1520 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
23:00:22.0798 1520 AxInstSV - ok
23:00:22.0845 1520 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
23:00:22.0907 1520 b06bdrv - ok
23:00:22.0954 1520 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:00:23.0032 1520 BasicDisplay - ok
23:00:23.0048 1520 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
23:00:23.0095 1520 BasicRender - ok
23:00:23.0157 1520 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
23:00:23.0204 1520 bcmfn2 - ok
23:00:23.0251 1520 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
23:00:23.0360 1520 BDESVC - ok
23:00:23.0392 1520 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:00:23.0470 1520 Beep - ok
23:00:23.0517 1520 [ 6468B696C65775D51A06615830E0E79D ] BFE C:\WINDOWS\System32\bfe.dll
23:00:23.0610 1520 BFE - ok
23:00:23.0767 1520 [ F14F048B4D05FBCE536250EA74BF9FDC ] BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140214.001\BHDrvx64.sys
23:00:23.0907 1520 BHDrvx64 - ok
23:00:23.0939 1520 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
23:00:24.0001 1520 BITS - ok
23:00:24.0017 1520 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
23:00:24.0079 1520 bowser - ok
23:00:24.0095 1520 [ A6207A88B596F726DE558425F3B7E592 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:00:24.0173 1520 BrokerInfrastructure - ok
23:00:24.0220 1520 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
23:00:24.0314 1520 Browser - ok
23:00:24.0345 1520 [ 942F3F6286056D6BBB5B02ED2B7088BD ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys
23:00:24.0392 1520 BTATH_A2DP - ok
23:00:24.0423 1520 [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys
23:00:24.0470 1520 btath_avdt - ok
23:00:24.0485 1520 [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys
23:00:24.0517 1520 BTATH_BUS - ok
23:00:24.0548 1520 [ 3DD64966A764BCAFF07C9DC064BD410E ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys
23:00:24.0610 1520 BTATH_HCRP - ok
23:00:24.0642 1520 [ B68EE0721EAC305AB1C9C989CDF1AEFF ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
23:00:24.0689 1520 BTATH_LWFLT - ok
23:00:24.0704 1520 [ 057DA8351AD21AE485A11A8237DC9263 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
23:00:24.0735 1520 BTATH_RCP - ok
23:00:24.0767 1520 [ 39FFF1464DD0809B67D3E70E885485C8 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
23:00:24.0829 1520 BtFilter - ok
23:00:24.0861 1520 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:00:24.0907 1520 BthAvrcpTg - ok
23:00:24.0939 1520 [ 131F1C8573E7BFB41C54FBF5309CCD94 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
23:00:24.0985 1520 BthEnum - ok
23:00:25.0001 1520 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
23:00:25.0032 1520 BthHFEnum - ok
23:00:25.0064 1520 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
23:00:25.0095 1520 bthhfhid - ok
23:00:25.0142 1520 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
23:00:25.0173 1520 BTHMODEM - ok
23:00:25.0189 1520 [ 3AFE71D80EDF5D4DE0C5731352905669 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
23:00:25.0251 1520 BthPan - ok
23:00:25.0298 1520 [ 10EDF9E0838BA4578FFFFF274632D454 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
23:00:25.0376 1520 BTHPORT - ok
23:00:25.0408 1520 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
23:00:25.0454 1520 bthserv - ok
23:00:25.0486 1520 [ 0E7FA34B975764C33B5DBC6F8C401627 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
23:00:25.0548 1520 BTHUSB - ok
23:00:25.0626 1520 [ 0510396A957E9FD7205BA62D3CAE4528 ] ccSet_NIS C:\WINDOWS\system32\drivers\NISx64\1502000.026\ccSetx64.sys
23:00:25.0658 1520 ccSet_NIS - ok
23:00:25.0704 1520 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:00:25.0767 1520 cdfs - ok
23:00:25.0783 1520 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
23:00:25.0829 1520 cdrom - ok
23:00:25.0861 1520 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
23:00:25.0923 1520 CertPropSvc - ok
23:00:25.0954 1520 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
23:00:25.0986 1520 circlass - ok
23:00:26.0017 1520 [ B8B663BE41827211737F627473D6D192 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
23:00:26.0048 1520 CLFS - ok
23:00:26.0111 1520 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
23:00:26.0204 1520 CmBatt - ok
23:00:26.0251 1520 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
23:00:26.0298 1520 CNG - ok
23:00:26.0314 1520 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
23:00:26.0345 1520 CompositeBus - ok
23:00:26.0361 1520 COMSysApp - ok
23:00:26.0376 1520 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
23:00:26.0454 1520 condrv - ok
23:00:26.0579 1520 [ 08F934092E0429BADF88E9F91DB0F61E ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
23:00:26.0720 1520 cphs - ok
23:00:26.0751 1520 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
23:00:26.0829 1520 CryptSvc - ok
23:00:26.0845 1520 [ EE2F3C0D6ADBC975D6B621EC15ACF4E2 ] CSC C:\WINDOWS\system32\drivers\csc.sys
23:00:26.0892 1520 CSC - ok
23:00:26.0939 1520 [ 936D9E2871CEEFF6A33695D98374367B ] CscService C:\WINDOWS\System32\cscsvc.dll
23:00:27.0017 1520 CscService - ok
23:00:27.0048 1520 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
23:00:27.0079 1520 dam - ok
23:00:27.0142 1520 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:00:27.0236 1520 DcomLaunch - ok
23:00:27.0298 1520 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
23:00:27.0361 1520 defragsvc - ok
23:00:27.0408 1520 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:00:27.0501 1520 DeviceAssociationService - ok
23:00:27.0533 1520 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
23:00:27.0595 1520 DeviceInstall - ok
23:00:27.0642 1520 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
23:00:27.0705 1520 Dfsc - ok
23:00:27.0751 1520 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
23:00:27.0861 1520 Dhcp - ok
23:00:27.0908 1520 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
23:00:27.0955 1520 disk - ok
23:00:27.0970 1520 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
23:00:28.0048 1520 dmvsc - ok
23:00:28.0080 1520 [ 5BAF7714E68F93515A937A3FA8587EF9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:00:28.0173 1520 Dnscache - ok
23:00:28.0236 1520 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
23:00:28.0283 1520 dot3svc - ok
23:00:28.0298 1520 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
23:00:28.0345 1520 DPS - ok
23:00:28.0376 1520 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
23:00:28.0392 1520 drmkaud - ok
23:00:28.0439 1520 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
23:00:28.0501 1520 DsmSvc - ok
23:00:28.0580 1520 [ 13B160C1913F012BD1615EB1398D3779 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:00:28.0642 1520 DXGKrnl - ok
23:00:28.0689 1520 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
23:00:28.0736 1520 Eaphost - ok
23:00:28.0861 1520 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
23:00:28.0986 1520 ebdrv - ok
23:00:29.0048 1520 [ 1B7AA375F711F66D5FF2B855F9EC987F ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
23:00:29.0111 1520 eeCtrl - ok
23:00:29.0158 1520 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
23:00:29.0205 1520 EFS - ok
23:00:29.0236 1520 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
23:00:29.0283 1520 EhStorClass - ok
23:00:29.0298 1520 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:00:29.0314 1520 EhStorTcgDrv - ok
23:00:29.0345 1520 [ 7230C8B80DDE1F0524C353240B78CC0E ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
23:00:29.0423 1520 EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - warning
23:00:29.0423 1520 EraserUtilRebootDrv - detected UnsignedFile.Multi.Generic (1)
23:00:29.0439 1520 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
23:00:29.0486 1520 ErrDev - ok
23:00:29.0548 1520 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
23:00:29.0611 1520 EventSystem - ok
23:00:29.0627 1520 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
23:00:29.0658 1520 exfat - ok
23:00:29.0689 1520 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
23:00:29.0736 1520 fastfat - ok
23:00:29.0783 1520 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
23:00:29.0892 1520 Fax - ok
23:00:29.0923 1520 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
23:00:29.0970 1520 fdc - ok
23:00:30.0002 1520 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
23:00:30.0049 1520 fdPHost - ok
23:00:30.0080 1520 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
23:00:30.0127 1520 FDResPub - ok
23:00:30.0158 1520 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
23:00:30.0236 1520 fhsvc - ok
23:00:30.0267 1520 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
23:00:30.0283 1520 FileInfo - ok
23:00:30.0299 1520 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
23:00:30.0345 1520 Filetrace - ok
23:00:30.0470 1520 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
23:00:30.0705 1520 FLEXnet Licensing Service 64 - ok
23:00:30.0720 1520 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
23:00:30.0767 1520 flpydisk - ok
23:00:30.0799 1520 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:00:30.0830 1520 FltMgr - ok
23:00:30.0892 1520 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
23:00:31.0033 1520 FontCache - ok
23:00:31.0174 1520 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:00:31.0220 1520 FontCache3.0.0.0 - ok
23:00:31.0267 1520 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
23:00:31.0314 1520 FsDepends - ok
23:00:31.0330 1520 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:00:31.0361 1520 Fs_Rec - ok
23:00:31.0408 1520 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:00:31.0486 1520 fvevol - ok
23:00:31.0533 1520 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
23:00:31.0596 1520 FxPPM - ok
23:00:31.0627 1520 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
23:00:31.0642 1520 gagp30kx - ok
23:00:31.0674 1520 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:00:31.0705 1520 GEARAspiWDM - ok
23:00:31.0736 1520 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
23:00:31.0783 1520 gencounter - ok
23:00:31.0830 1520 [ FDA72810CA2F8409D9B31E833C448E34 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:00:31.0861 1520 GPIOClx0101 - ok
23:00:31.0939 1520 [ 0BDE0FCF597E9B65600121EF54FF8340 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
23:00:32.0017 1520 gpsvc - ok
23:00:32.0064 1520 [ 56F69F7C25FB67C970997D7066DBC593 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
23:00:32.0111 1520 HdAudAddService - ok
23:00:32.0158 1520 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
23:00:32.0221 1520 HDAudBus - ok
23:00:32.0236 1520 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
23:00:32.0299 1520 HidBatt - ok
23:00:32.0330 1520 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
23:00:32.0393 1520 HidBth - ok
23:00:32.0408 1520 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
23:00:32.0439 1520 hidi2c - ok
23:00:32.0471 1520 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
23:00:32.0502 1520 HidIr - ok
23:00:32.0549 1520 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
23:00:32.0611 1520 hidserv - ok
23:00:32.0643 1520 [ F31397220D9687E11EB448649AA6E038 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
23:00:32.0705 1520 HidUsb - ok
23:00:32.0736 1520 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
23:00:32.0814 1520 hkmsvc - ok
23:00:32.0861 1520 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:00:32.0939 1520 HomeGroupListener - ok
23:00:33.0002 1520 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:00:33.0064 1520 HomeGroupProvider - ok
23:00:33.0111 1520 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:00:33.0158 1520 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
23:00:33.0158 1520 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
23:00:33.0221 1520 [ 9BFDA0BC109EB6D16F2CB862BB85E28C ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
23:00:33.0283 1520 HPDrvMntSvc.exe - ok
23:00:33.0314 1520 [ 514455F6586473791C5C6B25BA4E1BAB ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
23:00:33.0439 1520 hpqwmiex - ok
23:00:33.0471 1520 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
23:00:33.0518 1520 HpSAMD - ok
23:00:33.0580 1520 [ 3502776E366C913D49C0DA928AE3E6CB ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
23:00:33.0658 1520 HTTP - ok
23:00:33.0674 1520 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
23:00:33.0690 1520 hwpolicy - ok
23:00:33.0705 1520 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
23:00:33.0736 1520 hyperkbd - ok
23:00:33.0815 1520 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
23:00:33.0877 1520 HyperVideo - ok
23:00:33.0893 1520 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
23:00:33.0955 1520 i8042prt - ok
23:00:33.0987 1520 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:00:34.0018 1520 iaLPSSi_GPIO - ok
23:00:34.0033 1520 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:00:34.0049 1520 iaLPSSi_I2C - ok
23:00:34.0096 1520 [ 14984E71DF9EF3AE928A96B1BD438993 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
23:00:34.0158 1520 iaStorA - ok
23:00:34.0205 1520 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
23:00:34.0252 1520 iaStorAV - ok
23:00:34.0315 1520 [ CED8986C2390596814492EAB43FA5592 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:00:34.0361 1520 IAStorDataMgrSvc - ok
23:00:34.0377 1520 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
23:00:34.0424 1520 iaStorV - ok
23:00:34.0533 1520 [ DAAA22256BCA5E6EB74CD379F3092AAA ] IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140317.001\IDSvia64.sys
23:00:34.0612 1520 IDSVia64 - ok
23:00:34.0612 1520 IEEtwCollectorService - ok
23:00:34.0768 1520 [ 8C44E6B688790E2AD3846C97661C54F1 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
23:00:35.0205 1520 igfx - ok
23:00:35.0252 1520 [ B82255670D270B75D2D2F0F8747D1443 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
23:00:35.0315 1520 IKEEXT - ok
23:00:35.0346 1520 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
23:00:35.0393 1520 intelide - ok
23:00:35.0612 1520 [ B9857625DF8B539ABCB90E15B5716568 ] intelkmd C:\WINDOWS\system32\DRIVERS\igdpmd64.sys
23:00:36.0065 1520 intelkmd ( UnsignedFile.Multi.Generic ) - warning
23:00:36.0065 1520 intelkmd - detected UnsignedFile.Multi.Generic (1)
23:00:36.0112 1520 [ 139CFCDCD36B1B1782FD8C0014AC9B0E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
23:00:36.0127 1520 intelpep - ok
23:00:36.0143 1520 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
23:00:36.0174 1520 intelppm - ok
23:00:36.0205 1520 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:00:36.0268 1520 IpFilterDriver - ok
23:00:36.0315 1520 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
23:00:36.0440 1520 iphlpsvc - ok
23:00:36.0455 1520 [ 9949A3C7590B8C536C05312205079A82 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:00:36.0580 1520 IPMIDRV - ok
23:00:36.0612 1520 [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
23:00:36.0721 1520 IPNAT - ok
23:00:36.0737 1520 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
23:00:36.0783 1520 IRENUM - ok
23:00:36.0815 1520 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
23:00:36.0846 1520 isapnp - ok
23:00:36.0862 1520 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
23:00:36.0893 1520 iScsiPrt - ok
23:00:36.0940 1520 [ 3FE43C2F5B5C08657A1B547AFBE2118E ] JMCR C:\WINDOWS\System32\drivers\jmcr.sys
23:00:36.0971 1520 JMCR - ok
23:00:37.0002 1520 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
23:00:37.0034 1520 kbdclass - ok
23:00:37.0049 1520 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
23:00:37.0080 1520 kbdhid - ok
23:00:37.0096 1520 [ DB7A09BC90DF20F44F16F8B0F9ED3491 ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys
23:00:37.0127 1520 kbldfltr - ok
23:00:37.0143 1520 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
23:00:37.0190 1520 kdnic - ok
23:00:37.0205 1520 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
23:00:37.0221 1520 KeyIso - ok
23:00:37.0268 1520 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
23:00:37.0284 1520 KSecDD - ok
23:00:37.0330 1520 [ 7296EA420134EAC390798B3232D066A4 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:00:37.0362 1520 KSecPkg - ok
23:00:37.0393 1520 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
23:00:37.0471 1520 ksthunk - ok
23:00:37.0518 1520 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
23:00:37.0596 1520 KtmRm - ok
23:00:37.0627 1520 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
23:00:37.0690 1520 LanmanServer - ok
23:00:37.0737 1520 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:00:37.0784 1520 LanmanWorkstation - ok
23:00:37.0815 1520 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
23:00:37.0877 1520 lfsvc - ok
23:00:37.0893 1520 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
23:00:37.0940 1520 lltdio - ok
23:00:37.0971 1520 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
23:00:38.0034 1520 lltdsvc - ok
23:00:38.0080 1520 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
23:00:38.0112 1520 lmhosts - ok
23:00:38.0174 1520 [ 103BE142566D66F8AE52C89FE9E92D2B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:00:38.0268 1520 LMS - ok
23:00:38.0299 1520 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
23:00:38.0346 1520 LSI_SAS - ok
23:00:38.0346 1520 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
23:00:38.0377 1520 LSI_SAS2 - ok
23:00:38.0393 1520 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
23:00:38.0409 1520 LSI_SAS3 - ok
23:00:38.0424 1520 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
23:00:38.0455 1520 LSI_SSS - ok
23:00:38.0502 1520 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
23:00:38.0549 1520 LSM - ok
23:00:38.0565 1520 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
23:00:38.0596 1520 luafv - ok
23:00:38.0659 1520 [ 6140163BFE9D8F2DFDBA088ED5521C13 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
23:00:38.0705 1520 MBAMSwissArmy - ok
23:00:38.0737 1520 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
23:00:38.0799 1520 megasas - ok
23:00:38.0831 1520 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
23:00:38.0893 1520 megasr - ok
23:00:38.0909 1520 [ 86614752D2FAE34CCD9E7B2AABA5FBEC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
23:00:38.0940 1520 MEIx64 - ok
23:00:38.0971 1520 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
23:00:39.0065 1520 MMCSS - ok
23:00:39.0112 1520 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
23:00:39.0174 1520 Modem - ok
23:00:39.0190 1520 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
23:00:39.0252 1520 monitor - ok
23:00:39.0299 1520 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
23:00:39.0331 1520 mouclass - ok
23:00:39.0346 1520 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
23:00:39.0393 1520 mouhid - ok
23:00:39.0409 1520 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
23:00:39.0440 1520 mountmgr - ok
23:00:39.0471 1520 [ AEE4E9CC59CDEB55B1ECB0E596E796BE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:00:39.0518 1520 MozillaMaintenance - ok
23:00:39.0534 1520 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
23:00:39.0581 1520 mpsdrv - ok
23:00:39.0627 1520 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
23:00:39.0690 1520 MpsSvc - ok
23:00:39.0737 1520 [ 9054B51D656282CFF395F9F22E369DCC ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
23:00:39.0815 1520 MQAC - ok
23:00:39.0846 1520 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
23:00:39.0924 1520 MRxDAV - ok
23:00:39.0956 1520 [ 79B6F3DF7CDFD12159871FF71464F0CE ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:00:40.0049 1520 mrxsmb - ok
23:00:40.0065 1520 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:00:40.0143 1520 mrxsmb10 - ok
23:00:40.0190 1520 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:00:40.0252 1520 mrxsmb20 - ok
23:00:40.0315 1520 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
23:00:40.0362 1520 MsBridge - ok
23:00:40.0393 1520 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
23:00:40.0440 1520 MSDTC - ok
23:00:40.0456 1520 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:00:40.0487 1520 Msfs - ok
23:00:40.0518 1520 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:00:40.0534 1520 msgpiowin32 - ok
23:00:40.0549 1520 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:00:40.0565 1520 mshidkmdf - ok
23:00:40.0581 1520 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
23:00:40.0627 1520 mshidumdf - ok
23:00:40.0643 1520 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
23:00:40.0690 1520 msisadrv - ok
23:00:40.0721 1520 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
23:00:40.0768 1520 MSiSCSI - ok
23:00:40.0784 1520 msiserver - ok
23:00:40.0815 1520 [ D22AE5313F6B7EFDDD8C117B5501F4A3 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
23:00:40.0862 1520 MsKeyboardFilter - ok
23:00:40.0893 1520 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:00:40.0971 1520 MSKSSRV - ok
23:00:41.0002 1520 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
23:00:41.0081 1520 MsLldp - ok
23:00:41.0096 1520 [ 8DB47E205BB11C2B9A9949DF369ADBCF ] MSMQ C:\WINDOWS\system32\mqsvc.exe
23:00:41.0143 1520 MSMQ - ok
23:00:41.0159 1520 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:00:41.0174 1520 MSPCLOCK - ok
23:00:41.0190 1520 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:00:41.0237 1520 MSPQM - ok
23:00:41.0253 1520 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
23:00:41.0299 1520 MsRPC - ok
23:00:41.0346 1520 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
23:00:41.0393 1520 mssmbios - ok
23:00:41.0409 1520 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:00:41.0456 1520 MSTEE - ok
23:00:41.0471 1520 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
23:00:41.0502 1520 MTConfig - ok
23:00:41.0534 1520 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
23:00:41.0565 1520 Mup - ok
23:00:41.0596 1520 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
23:00:41.0643 1520 mvumis - ok
23:00:41.0690 1520 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
23:00:41.0737 1520 napagent - ok
23:00:41.0815 1520 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:00:41.0909 1520 NativeWifiP - ok
23:00:42.0003 1520 [ 702E07EC32F96ACDB873E9A5465D4401 ] NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140317.035\ENG64.SYS
23:00:42.0049 1520 NAVENG - ok
23:00:42.0128 1520 [ 302EA314A1AF0D7CEF0A3D0195F79561 ] NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140317.035\EX64.SYS
23:00:42.0206 1520 NAVEX15 - ok
23:00:42.0237 1520 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
23:00:42.0299 1520 NcaSvc - ok
23:00:42.0315 1520 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
23:00:42.0393 1520 NcbService - ok
23:00:42.0409 1520 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
23:00:42.0518 1520 NcdAutoSetup - ok
23:00:42.0565 1520 [ ED39D676080A1AEA755F1DEC1A8DF1A4 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
23:00:42.0612 1520 NDIS - ok
23:00:42.0659 1520 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
23:00:42.0721 1520 NdisCap - ok
23:00:42.0737 1520 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
23:00:42.0784 1520 NdisImPlatform - ok
23:00:42.0799 1520 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:00:42.0846 1520 NdisTapi - ok
23:00:42.0893 1520 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:00:42.0956 1520 Ndisuio - ok
23:00:42.0987 1520 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:00:43.0049 1520 NdisVirtualBus - ok
23:00:43.0065 1520 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:00:43.0112 1520 NdisWan - ok
23:00:43.0128 1520 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:00:43.0143 1520 NdisWanLegacy - ok
23:00:43.0174 1520 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:00:43.0237 1520 NDProxy - ok
23:00:43.0253 1520 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
23:00:43.0299 1520 Ndu - ok
23:00:43.0331 1520 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:00:43.0393 1520 NetBIOS - ok
23:00:43.0424 1520 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:00:43.0503 1520 NetBT - ok
23:00:43.0518 1520 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:00:43.0565 1520 Netlogon - ok
23:00:43.0612 1520 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
23:00:43.0706 1520 Netman - ok
23:00:43.0768 1520 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:00:43.0831 1520 NetMsmqActivator - ok
23:00:43.0831 1520 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:00:43.0862 1520 NetPipeActivator - ok
23:00:43.0909 1520 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
23:00:43.0987 1520 netprofm - ok
23:00:44.0018 1520 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:00:44.0034 1520 NetTcpActivator - ok
23:00:44.0049 1520 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:00:44.0065 1520 NetTcpPortSharing - ok
23:00:44.0112 1520 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
23:00:44.0159 1520 netvsc - ok
23:00:44.0378 1520 [ C4160567128FCFC1DCA1693369B62DFE ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
23:00:44.0487 1520 NIS - ok
23:00:44.0534 1520 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
23:00:44.0581 1520 NlaSvc - ok
23:00:44.0675 1520 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\SysWOW64\nlssrv32.exe
23:00:44.0768 1520 nlsX86cc ( UnsignedFile.Multi.Generic ) - warning
23:00:44.0768 1520 nlsX86cc - detected UnsignedFile.Multi.Generic (1)
23:00:44.0800 1520 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:00:44.0878 1520 Npfs - ok
23:00:44.0909 1520 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
23:00:44.0972 1520 npsvctrig - ok
23:00:45.0018 1520 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
23:00:45.0081 1520 nsi - ok
23:00:45.0097 1520 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
23:00:45.0143 1520 nsiproxy - ok
23:00:45.0190 1520 [ 725EF69B2DBEB7B33280019A556201BC ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:00:45.0300 1520 Ntfs - ok
23:00:45.0331 1520 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
23:00:45.0347 1520 Null - ok
23:00:45.0378 1520 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
23:00:45.0394 1520 nvraid - ok
23:00:45.0425 1520 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
23:00:45.0440 1520 nvstor - ok
23:00:45.0472 1520 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
23:00:45.0519 1520 nv_agp - ok
23:00:45.0581 1520 [ 11E0B35479C895888BA3D7F619DCFFF3 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:00:45.0644 1520 ose64 - ok
23:00:45.0675 1520 [ E287F157F7A0011D93179C64EF8ADCF2 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
23:00:45.0753 1520 p2pimsvc - ok
23:00:45.0815 1520 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
23:00:45.0925 1520 p2psvc - ok
23:00:45.0940 1520 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
23:00:45.0972 1520 Parport - ok
23:00:45.0987 1520 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
23:00:46.0019 1520 partmgr - ok
23:00:46.0065 1520 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
23:00:46.0206 1520 PcaSvc - ok
23:00:46.0253 1520 [ C0D3F3BC1C84B4BA746D9847314C1164 ] pci C:\WINDOWS\system32\drivers\pci.sys
23:00:46.0300 1520 pci - ok
23:00:46.0315 1520 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
23:00:46.0394 1520 pciide - ok
23:00:46.0425 1520 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
23:00:46.0487 1520 pcmcia - ok
23:00:46.0519 1520 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
23:00:46.0566 1520 pcw - ok
23:00:46.0581 1520 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
23:00:46.0628 1520 pdc - ok
23:00:46.0675 1520 [ BA50CC0BD19004AAB88BE37338B6FA0D ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
23:00:46.0737 1520 PEAUTH - ok
23:00:46.0831 1520 [ 084DE525DFE82AE7453DD527390FA110 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
23:00:46.0909 1520 PeerDistSvc - ok
23:00:46.0956 1520 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
23:00:47.0034 1520 PerfHost - ok
23:00:47.0097 1520 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
23:00:47.0191 1520 pla - ok
23:00:47.0222 1520 [ 752A457320A946E03C3AA86C3ACD735E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
23:00:47.0253 1520 PlugPlay - ok
23:00:47.0300 1520 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
23:00:47.0362 1520 PNRPAutoReg - ok
23:00:47.0394 1520 [ E287F157F7A0011D93179C64EF8ADCF2 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
23:00:47.0425 1520 PNRPsvc - ok
23:00:47.0456 1520 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
23:00:47.0519 1520 PolicyAgent - ok
23:00:47.0566 1520 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
23:00:47.0628 1520 Power - ok
23:00:47.0659 1520 [ E075CC071022BD4E9BE7C024717C0E0A ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:00:47.0706 1520 PptpMiniport - ok
23:00:47.0847 1520 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
23:00:48.0019 1520 PrintNotify - ok
23:00:48.0050 1520 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
23:00:48.0097 1520 Processor - ok
23:00:48.0128 1520 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
23:00:48.0206 1520 ProfSvc - ok
23:00:48.0253 1520 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
23:00:48.0316 1520 Psched - ok
23:00:48.0378 1520 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
23:00:48.0472 1520 QWAVE - ok
23:00:48.0488 1520 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
23:00:48.0566 1520 QWAVEdrv - ok
23:00:48.0597 1520 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:00:48.0612 1520 RasAcd - ok
23:00:48.0644 1520 [ 55FE43112F61836D0581D615C72AA113 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
23:00:48.0722 1520 RasAgileVpn - ok
23:00:48.0753 1520 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:00:48.0800 1520 RasAuto - ok
23:00:48.0816 1520 [ BBB6272B7F46C4640A8CDB8A70C3450F ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:00:48.0863 1520 Rasl2tp - ok
23:00:48.0894 1520 [ BF3B17016764F20F9D28CF1A8DC210C0 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:00:48.0941 1520 RasMan - ok
23:00:48.0956 1520 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:00:48.0988 1520 RasPppoe - ok
23:00:49.0019 1520 [ 2B0F1677CDD08967005F34488559BC6F ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
23:00:49.0050 1520 RasSstp - ok
23:00:49.0097 1520 [ A1A5E79C0D1352AFDC08328A623DA051 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:00:49.0206 1520 rdbss - ok
23:00:49.0253 1520 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
23:00:49.0347 1520 rdpbus - ok
23:00:49.0378 1520 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
23:00:49.0425 1520 RDPDR - ok
23:00:49.0441 1520 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:00:49.0472 1520 RdpVideoMiniport - ok
23:00:49.0503 1520 [ 847C6A08912C3515807049C93E526D65 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
23:00:49.0519 1520 rdyboost - ok
23:00:49.0550 1520 [ 036746D54347FD2D0385668E2A4064E4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
23:00:49.0613 1520 ReFS - ok
23:00:49.0644 1520 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:00:49.0706 1520 RemoteAccess - ok
23:00:49.0753 1520 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:00:49.0831 1520 RemoteRegistry - ok
23:00:49.0878 1520 [ 02307C86CB24769306B0DFA0C751952E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
23:00:49.0925 1520 RFCOMM - ok
23:00:49.0972 1520 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
23:00:50.0034 1520 RpcEptMapper - ok
23:00:50.0066 1520 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
23:00:50.0128 1520 RpcLocator - ok
23:00:50.0159 1520 [ 3FD5AE42EC87C6F532A931F96BE731DD ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:00:50.0206 1520 RpcSs - ok
23:00:50.0253 1520 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
23:00:50.0284 1520 rspndr - ok
23:00:50.0331 1520 [ 19764658C1468C2C0CEF133D28414A6B ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
23:00:50.0363 1520 RTL8168 - ok
23:00:50.0409 1520 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
23:00:50.0472 1520 s3cap - ok
23:00:50.0519 1520 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
23:00:50.0550 1520 SamSs - ok
23:00:50.0613 1520 [ 53E618640032FF0511901551D7F77424 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
23:00:50.0659 1520 SbieDrv - ok
23:00:50.0659 1520 [ DD78D286FF9032D9E0938F815928C2FD ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
23:00:50.0706 1520 SbieSvc - ok
23:00:50.0753 1520 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
23:00:50.0800 1520 sbp2port - ok
23:00:50.0847 1520 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
23:00:50.0894 1520 SCardSvr - ok
23:00:50.0909 1520 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
23:00:50.0941 1520 ScDeviceEnum - ok
23:00:50.0972 1520 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:00:51.0034 1520 scfilter - ok
23:00:51.0113 1520 [ A95838FFFAEAA7500263D491575F7E0C ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:00:51.0159 1520 Schedule - ok
23:00:51.0206 1520 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
23:00:51.0253 1520 SCPolicySvc - ok
23:00:51.0285 1520 [ 2F9A3380B8C0380E5608E29C7AA66899 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
23:00:51.0331 1520 sdbus - ok
23:00:51.0363 1520 [ 4EAF4DCF9DBD9A56952A58F56D61C005 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
23:00:51.0378 1520 sdstor - ok
23:00:51.0394 1520 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
23:00:51.0410 1520 secdrv - ok
23:00:51.0456 1520 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
23:00:51.0503 1520 seclogon - ok
23:00:51.0519 1520 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
23:00:51.0566 1520 SENS - ok
23:00:51.0613 1520 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
23:00:51.0691 1520 SensrSvc - ok
23:00:51.0738 1520 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
23:00:51.0769 1520 SerCx - ok
23:00:51.0800 1520 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
23:00:51.0831 1520 SerCx2 - ok
23:00:51.0831 1520 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
23:00:51.0863 1520 Serenum - ok
23:00:51.0878 1520 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
23:00:51.0894 1520 Serial - ok
23:00:51.0910 1520 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
23:00:51.0925 1520 sermouse - ok
23:00:51.0972 1520 [ 441E6FF1F34D7A942946DB42A15FB519 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
23:00:52.0035 1520 SessionEnv - ok
23:00:52.0066 1520 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
23:00:52.0082 1520 sfloppy - ok
23:00:52.0113 1520 [ 6D9A78A20A3AC0343C49D8249F7130D0 ] sgfxk C:\WINDOWS\system32\drivers\sgfxk64.sys
23:00:52.0175 1520 sgfxk - ok
23:00:52.0191 1520 [ F6DE543686A22830C2CB2820F395CEA8 ] sgfxl C:\WINDOWS\system32\drivers\sgfxl64.sys
23:00:52.0253 1520 sgfxl - ok
23:00:52.0457 1520 [ 503113C92FBA94D07BE987D5355D928C ] SGFXMgr C:\Program Files\SGFX\sgfxmgr.exe
23:00:52.0738 1520 SGFXMgr ( UnsignedFile.Multi.Generic ) - warning
23:00:52.0738 1520 SGFXMgr - detected UnsignedFile.Multi.Generic (1)
23:00:52.0785 1520 [ F4414F57DF2CECB8FC969AA43A6B0D50 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:00:52.0847 1520 SharedAccess - ok
23:00:52.0894 1520 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:00:52.0957 1520 ShellHWDetection - ok
23:00:52.0972 1520 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:00:53.0004 1520 SiSRaid2 - ok
23:00:53.0050 1520 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
23:00:53.0097 1520 SiSRaid4 - ok
23:00:53.0144 1520 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
23:00:53.0207 1520 smphost - ok
23:00:53.0254 1520 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
23:00:53.0425 1520 SNMPTRAP - ok
23:00:53.0488 1520 [ 80B683DF156771E30D33E01AF09ABE3C ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
23:00:53.0550 1520 SNP2UVC - ok
23:00:53.0597 1520 [ F6EBE514D13ECE7EDC23440039CDF9AB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
23:00:53.0644 1520 spaceport - ok
23:00:53.0675 1520 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
23:00:53.0707 1520 SpbCx - ok
23:00:53.0769 1520 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
23:00:53.0863 1520 Spooler - ok
23:00:54.0050 1520 [ C993A0B97BECD3AAF5158E3869878465 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
23:00:54.0300 1520 sppsvc - ok
23:00:54.0394 1520 [ F718A57D946EAC76EFCB351D74E269F4 ] SRTSP C:\WINDOWS\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS
23:00:54.0488 1520 SRTSP - ok
23:00:54.0504 1520 [ B18CE01B9C09C59422BA7C7064248B35 ] SRTSPX C:\WINDOWS\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS
23:00:54.0535 1520 SRTSPX - ok
23:00:54.0566 1520 [ 2B78788A1485F9B99A578A299DF42C02 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:00:54.0660 1520 srv - ok
23:00:54.0707 1520 [ C1AE59C0B0817236EC083A91C396005A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
23:00:54.0738 1520 srv2 - ok
23:00:54.0754 1520 [ 77195C32175FC63D6054EBA5A066D727 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:00:54.0800 1520 srvnet - ok
23:00:54.0832 1520 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:00:54.0894 1520 SSDPSRV - ok
23:00:54.0926 1520 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
23:00:54.0972 1520 SstpSvc - ok
23:00:55.0035 1520 [ 897C1273B7D74E19DDA7EBF495BF0133 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
23:00:55.0144 1520 STacSV ( UnsignedFile.Multi.Generic ) - warning
23:00:55.0144 1520 STacSV - detected UnsignedFile.Multi.Generic (1)
23:00:55.0175 1520 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
23:00:55.0222 1520 stexstor - ok
23:00:55.0238 1520 [ A883937A943DCE237B19E4A5558FCBE6 ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys
23:00:55.0301 1520 STHDA - ok
23:00:55.0363 1520 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
23:00:55.0441 1520 stisvc - ok
23:00:55.0472 1520 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
23:00:55.0504 1520 storahci - ok
23:00:55.0551 1520 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
23:00:55.0566 1520 storflt - ok
23:00:55.0597 1520 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
23:00:55.0629 1520 stornvme - ok
23:00:55.0676 1520 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
23:00:55.0769 1520 StorSvc - ok
23:00:55.0801 1520 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
23:00:55.0832 1520 storvsc - ok
23:00:55.0863 1520 [ 03618F935379614837F915D04C45FC0E ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
23:00:55.0894 1520 storvsp - ok
23:00:55.0941 1520 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
23:00:56.0019 1520 svsvc - ok
23:00:56.0035 1520 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
23:00:56.0051 1520 swenum - ok
23:00:56.0082 1520 [ 99453C649DC4B0BE6D062B701CD2917F ] swprv C:\WINDOWS\System32\swprv.dll
23:00:56.0207 1520 swprv - ok
23:00:56.0254 1520 [ 5C9EE2303CA7F267665D75237862B39C ] SymDS C:\WINDOWS\system32\drivers\NISx64\1502000.026\SYMDS64.SYS
23:00:56.0301 1520 SymDS - ok
23:00:56.0347 1520 [ 9F31630D7FC2DD9D5DA1CE359AAD1F46 ] SymEFA C:\WINDOWS\system32\drivers\NISx64\1502000.026\SYMEFA64.SYS
23:00:56.0394 1520 SymEFA - ok
23:00:56.0426 1520 [ 20F758E6339A16F97DD83389D582E09A ] SymELAM C:\WINDOWS\system32\drivers\NISx64\1502000.026\SymELAM.sys
23:00:56.0441 1520 SymELAM - ok
23:00:56.0472 1520 [ 97E11C50CE52277B377396EA8838E539 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
23:00:56.0504 1520 SymEvent - ok
23:00:56.0535 1520 [ 48C2934683CBD06F662B088EEF49EF6A ] SymIRON C:\WINDOWS\system32\drivers\NISx64\1502000.026\Ironx64.SYS
23:00:56.0582 1520 SymIRON - ok
23:00:56.0613 1520 [ 5570A74FF9B1EFBC5154DD1E2F05C517 ] SymNetS C:\WINDOWS\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS
23:00:56.0660 1520 SymNetS - ok
23:00:56.0707 1520 [ 2CD7E4392A5E98FA1281B22F62A48E04 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:00:56.0754 1520 SynTP - ok
23:00:56.0816 1520 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] SysMain C:\WINDOWS\system32\sysmain.dll
23:00:56.0894 1520 SysMain - ok
23:00:56.0926 1520 [ D65B1C952AEB864C2BAC7A770B17ECCE ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:00:57.0004 1520 SystemEventsBroker - ok
23:00:57.0051 1520 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:00:57.0097 1520 TabletInputService - ok
23:00:57.0113 1520 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:00:57.0222 1520 TapiSrv - ok
23:00:57.0316 1520 [ ECC68BD5347BDE9631EE68274858A41F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
23:00:57.0410 1520 Tcpip - ok
23:00:57.0441 1520 [ ECC68BD5347BDE9631EE68274858A41F ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:00:57.0535 1520 TCPIP6 - ok
23:00:57.0551 1520 [ 33A7D83EEB15431773A6E186CFAABA21 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
23:00:57.0566 1520 tcpipreg - ok
23:00:57.0613 1520 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
23:00:57.0660 1520 tdx - ok
23:00:57.0691 1520 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
23:00:57.0707 1520 terminpt - ok
23:00:57.0770 1520 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
23:00:57.0832 1520 TermService - ok
23:00:57.0863 1520 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
23:00:57.0941 1520 Themes - ok
23:00:57.0973 1520 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
23:00:58.0004 1520 THREADORDER - ok
23:00:58.0035 1520 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
23:00:58.0098 1520 TimeBroker - ok
23:00:58.0129 1520 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
23:00:58.0176 1520 TPM - ok
23:00:58.0238 1520 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
23:00:58.0316 1520 TrkWks - ok
23:00:58.0395 1520 [ DA56FFA46030E6FEB215E3D5DAA65B11 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:00:58.0457 1520 TrustedInstaller - ok
23:00:58.0473 1520 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
23:00:58.0520 1520 TsUsbFlt - ok
23:00:58.0535 1520 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:00:58.0598 1520 TsUsbGD - ok
23:00:58.0613 1520 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
23:00:58.0660 1520 tunnel - ok
23:00:58.0691 1520 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
23:00:58.0707 1520 uagp35 - ok
23:00:58.0754 1520 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
23:00:58.0785 1520 UASPStor - ok
23:00:58.0848 1520 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
23:00:58.0879 1520 UCX01000 - ok
23:00:58.0895 1520 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
23:00:58.0941 1520 udfs - ok
23:00:58.0973 1520 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
23:00:58.0988 1520 UEFI - ok
23:00:59.0035 1520 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
23:00:59.0066 1520 UI0Detect - ok
23:00:59.0113 1520 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
23:00:59.0145 1520 uliagpkx - ok
23:00:59.0176 1520 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
23:00:59.0207 1520 umbus - ok
23:00:59.0223 1520 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
23:00:59.0270 1520 UmPass - ok
23:00:59.0301 1520 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
23:00:59.0363 1520 UmRdpService - ok
23:00:59.0520 1520 [ 6B778A47EB9CE430708AC42980BB712C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:00:59.0754 1520 UNS - ok
23:00:59.0801 1520 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:00:59.0832 1520 upnphost - ok
23:00:59.0848 1520 [ 433ECDE01A52691FA7ACA51C10C09B70 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
23:00:59.0895 1520 usbccgp - ok
23:00:59.0942 1520 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
23:00:59.0973 1520 usbcir - ok
23:01:00.0020 1520 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
23:01:00.0051 1520 usbehci - ok
23:01:00.0066 1520 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
23:01:00.0113 1520 usbhub - ok
23:01:00.0129 1520 [ C0E33820326199CE3CFD3B9F27F81D99 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
23:01:00.0176 1520 USBHUB3 - ok
23:01:00.0207 1520 [ 3019097FB6C985EF24C058090FF3BDBD ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
23:01:00.0223 1520 usbohci - ok
23:01:00.0254 1520 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
23:01:00.0285 1520 usbprint - ok
23:01:00.0317 1520 [ 4628B415A84EA9D4D396A56F1D0CB6C6 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:01:00.0332 1520 USBSTOR - ok
23:01:00.0379 1520 [ BA4FA655E0FC577DB7436FC963932CE4 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
23:01:00.0426 1520 usbuhci - ok
23:01:00.0457 1520 [ D22EB844EB57D016CC34178AC86456DF ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:01:00.0504 1520 USBXHCI - ok
23:01:00.0520 1520 [ F6F209DDB94959BA104FC8FC87C53759 ] VaultSvc C:\WINDOWS\system32\lsass.exe
23:01:00.0551 1520 VaultSvc - ok
23:01:00.0582 1520 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
23:01:00.0614 1520 vdrvroot - ok
23:01:00.0676 1520 [ CFBAD6B48EDFAA0828A52646B7C4C08D ] vds C:\WINDOWS\System32\vds.exe
23:01:00.0754 1520 vds - ok
23:01:00.0785 1520 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
23:01:00.0801 1520 VerifierExt - ok
23:01:00.0832 1520 [ 041D3EF364E624DBB2703A64A5AADF89 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
23:01:00.0879 1520 vhdmp - ok
23:01:00.0910 1520 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
23:01:00.0926 1520 viaide - ok
23:01:00.0973 1520 [ 3CE922E34DB12D9F3C0EA856BC09687C ] Vid C:\WINDOWS\System32\drivers\Vid.sys
23:01:01.0020 1520 Vid - ok
23:01:01.0051 1520 [ C6305BDFC4F7CE51F72BB072C03D4ACE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
23:01:01.0067 1520 vmbus - ok
23:01:01.0082 1520 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
23:01:01.0129 1520 VMBusHID - ok
23:01:01.0176 1520 [ 68F8C26DEA2D42E8DEC0778943433C80 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
23:01:01.0239 1520 vmbusr - ok
23:01:01.0285 1520 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:01:01.0364 1520 vmicguestinterface - ok
23:01:01.0395 1520 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
23:01:01.0442 1520 vmicheartbeat - ok
23:01:01.0457 1520 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:01:01.0489 1520 vmickvpexchange - ok
23:01:01.0489 1520 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
23:01:01.0535 1520 vmicrdv - ok
23:01:01.0535 1520 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
23:01:01.0582 1520 vmicshutdown - ok
23:01:01.0582 1520 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
23:01:01.0614 1520 vmictimesync - ok
23:01:01.0629 1520 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicvss C:\WINDOWS\System32\ICSvc.dll
23:01:01.0660 1520 vmicvss - ok
23:01:01.0707 1520 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
23:01:01.0739 1520 volmgr - ok
23:01:01.0770 1520 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
23:01:01.0801 1520 volmgrx - ok
23:01:01.0817 1520 [ C85C075DE5B6D0FE116043054DE8EE02 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
23:01:01.0864 1520 volsnap - ok
23:01:01.0910 1520 [ 01355C98B5C3ED1EC446743CDA848FCE ] vpci C:\WINDOWS\System32\drivers\vpci.sys
23:01:01.0957 1520 vpci - ok
23:01:01.0957 1520 [ ADBE96C33D1A5BB1BBAF90B4BC84F523 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
23:01:02.0004 1520 vpcivsp - ok
23:01:02.0035 1520 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
23:01:02.0051 1520 vsmraid - ok
23:01:02.0129 1520 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] VSS C:\WINDOWS\system32\vssvc.exe
23:01:02.0192 1520 VSS - ok
23:01:02.0207 1520 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
23:01:02.0239 1520 VSTXRAID - ok
23:01:02.0270 1520 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
23:01:02.0317 1520 vwifibus - ok
23:01:02.0332 1520 [ 6B26AD573CCDD5209DF4397438B76354 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
23:01:02.0364 1520 vwififlt - ok
23:01:02.0379 1520 [ 0B48E0DFB44EE475F4FD8A8EE599AF30 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
23:01:02.0410 1520 vwifimp - ok
23:01:02.0442 1520 [ 7599E582CA3A6AAA95A18FFE1172D339 ] W32Time C:\WINDOWS\system32\w32time.dll
23:01:02.0473 1520 W32Time - ok
23:01:02.0535 1520 [ 8E553C859C83784DEC08B10AFC3EAC92 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
23:01:02.0582 1520 w3logsvc - ok
23:01:02.0629 1520 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:01:02.0707 1520 W3SVC - ok
23:01:02.0723 1520 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
23:01:02.0785 1520 WacomPen - ok
23:01:02.0817 1520 [ AFCD4054D61BD708B82991348ED1C763 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:01:02.0864 1520 Wanarp - ok
23:01:02.0864 1520 [ AFCD4054D61BD708B82991348ED1C763 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:01:02.0895 1520 Wanarpv6 - ok
23:01:02.0910 1520 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:01:02.0942 1520 WAS - ok
23:01:03.0004 1520 [ 92BF4B3EBD6F163B94B7A20C65E7B698 ] wbengine C:\WINDOWS\system32\wbengine.exe
23:01:03.0145 1520 wbengine - ok
23:01:03.0192 1520 [ 58F28103889817C93E5B5AFABC87E709 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
23:01:03.0286 1520 WbioSrvc - ok
23:01:03.0333 1520 [ 772365894F14652D376B2E5030179DC9 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
23:01:03.0411 1520 Wcmsvc - ok
23:01:03.0442 1520 [ D2726823DF7E19F213F4805A9D6D145F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
23:01:03.0536 1520 wcncsvc - ok
23:01:03.0583 1520 [ 846C02A8B48CBD921A3D6AB521AA0DC4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:01:03.0629 1520 WcsPlugInService - ok
23:01:03.0645 1520 [ 241895E8A9C158DF86E12FDD21033A32 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
23:01:03.0676 1520 WdBoot - ok
23:01:03.0708 1520 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
23:01:03.0739 1520 Wdf01000 - ok
23:01:03.0770 1520 [ C52148456E0F6EAD9E903020A79207FC ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
23:01:03.0801 1520 WdFilter - ok
23:01:03.0848 1520 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
23:01:03.0926 1520 WdiServiceHost - ok
23:01:03.0926 1520 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
23:01:03.0973 1520 WdiSystemHost - ok
23:01:03.0989 1520 [ 57F22324FAAF92ADF957B281E88F1743 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:01:04.0020 1520 WdNisDrv - ok
23:01:04.0036 1520 WdNisSvc - ok
23:01:04.0098 1520 [ 6588A957873326361AB1CAC4E76F8394 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:01:04.0161 1520 WebClient - ok
23:01:04.0176 1520 [ 3274312F263882B51B964329FAF49734 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
23:01:04.0223 1520 Wecsvc - ok
23:01:04.0254 1520 [ 7CDD84E0023A0C5C230B06A7965EC65E ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
23:01:04.0286 1520 WEPHOSTSVC - ok
23:01:04.0333 1520 [ AA1315B87D9B2E39584165318A59F15D ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
23:01:04.0379 1520 wercplsupport - ok
23:01:04.0411 1520 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
23:01:04.0489 1520 WerSvc - ok
23:01:04.0520 1520 [ 2E3E82D7B1076B90F4E228A8EF17B261 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
23:01:04.0583 1520 WFPLWFS - ok
23:01:04.0614 1520 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
23:01:04.0629 1520 WiaRpc - ok
23:01:04.0676 1520 [ 867BCC69ED9C31C501465EB0E8BA9DFA ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
23:01:04.0708 1520 WIMMount - ok
23:01:04.0708 1520 WinDefend - ok
23:01:04.0770 1520 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:01:04.0848 1520 WinHttpAutoProxySvc - ok
23:01:04.0926 1520 [ 9DB490F3E823C5C3C070644B96CB9D59 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:01:04.0973 1520 Winmgmt - ok
23:01:05.0067 1520 [ 690C3FC5C9DBD6B9AEDF8341EC720E41 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
23:01:05.0161 1520 WinRM - ok
23:01:05.0208 1520 [ 728D3349FAB251B0265EFA55C67DCA2D ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
23:01:05.0301 1520 WlanSvc - ok
23:01:05.0379 1520 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
23:01:05.0442 1520 wlidsvc - ok
23:01:05.0489 1520 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
23:01:05.0551 1520 WmiAcpi - ok
23:01:05.0583 1520 [ 7AFAC828F52D62F304A911EC32F42EEE ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:01:05.0614 1520 wmiApSrv - ok
23:01:05.0630 1520 WMPNetworkSvc - ok
23:01:05.0708 1520 [ E178371E493BF17EB90FE71ABA8BE643 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
23:01:05.0817 1520 workfolderssvc - ok
23:01:05.0864 1520 [ E746BCDBA2E02CF6B8D6B26FB167FBE0 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
23:01:05.0926 1520 wpcfltr - ok
23:01:05.0958 1520 [ 4E6A0F60DA7EF050D3D26417CD4D24E9 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
23:01:06.0005 1520 WPCSvc - ok
23:01:06.0020 1520 [ D27491CFCE452C154CECFA155AD0EBC8 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
23:01:06.0067 1520 WPDBusEnum - ok
23:01:06.0083 1520 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:01:06.0098 1520 WpdUpFltr - ok
23:01:06.0114 1520 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:01:06.0145 1520 ws2ifsl - ok
23:01:06.0176 1520 [ 5CFA46C4ACB2FD70572017052378DAE5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
23:01:06.0208 1520 wscsvc - ok
23:01:06.0208 1520 WSearch - ok
23:01:06.0317 1520 [ D8E3A4701376CCFD0BE542D745FA4809 ] WSService C:\WINDOWS\System32\WSService.dll
23:01:06.0426 1520 WSService - ok
23:01:06.0536 1520 [ 86D0BF4F792053A50D6EE43DFA5837A5 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
23:01:06.0630 1520 wuauserv - ok
23:01:06.0676 1520 [ 2FEAE33E9B2B56104596E1BA444405A9 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
23:01:06.0723 1520 WudfPf - ok
23:01:06.0739 1520 [ 19240C13F526125554B5370566F21A0A ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
23:01:06.0786 1520 WUDFRd - ok
23:01:06.0786 1520 [ 19240C13F526125554B5370566F21A0A ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys
23:01:06.0817 1520 WUDFSensorLP - ok
23:01:06.0864 1520 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
23:01:06.0911 1520 wudfsvc - ok
23:01:06.0942 1520 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:01:06.0973 1520 WUDFWpdFs - ok
23:01:07.0020 1520 [ 2FA9794CA36147756F3FDFD6CA29B46F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
23:01:07.0083 1520 WwanSvc - ok
23:01:07.0130 1520 [ 03CD249A16CF815FFFD347DC61EF9E6D ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
23:01:11.0427 1520 ZAtheros Bt and Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
23:01:11.0442 1520 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
23:01:11.0442 1520 ================ Scan global ===============================
23:01:11.0489 1520 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
23:01:11.0536 1520 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\WINDOWS\system32\winsrv.dll
23:01:11.0567 1520 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\WINDOWS\system32\sxssrv.dll
23:01:11.0599 1520 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\WINDOWS\system32\services.exe
23:01:11.0614 1520 [Global] - ok
23:01:11.0614 1520 ================ Scan MBR ==================================
23:01:11.0614 1520 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:01:11.0989 1520 \Device\Harddisk0\DR0 - ok
23:01:11.0989 1520 ================ Scan VBR ==================================
23:01:11.0989 1520 [ DEA0A4F01A1E85BBB4F24D35F35157D6 ] \Device\Harddisk0\DR0\Partition1
23:01:11.0989 1520 \Device\Harddisk0\DR0\Partition1 - ok
23:01:12.0005 1520 [ 7EE0FDE277375A16C4E20CB312AF1B8D ] \Device\Harddisk0\DR0\Partition2
23:01:12.0005 1520 \Device\Harddisk0\DR0\Partition2 - ok
23:01:12.0036 1520 [ AA72B889E7D18B8E2F8148C5F0DCA96D ] \Device\Harddisk0\DR0\Partition3
23:01:12.0036 1520 \Device\Harddisk0\DR0\Partition3 - ok
23:01:12.0052 1520 [ 5CC2F4452204E698BA81F5F127424998 ] \Device\Harddisk0\DR0\Partition4
23:01:12.0052 1520 \Device\Harddisk0\DR0\Partition4 - ok
23:01:12.0052 1520 ============================================================
23:01:12.0052 1520 Scan finished
23:01:12.0052 1520 ============================================================
23:01:12.0067 3408 Detected object count: 8
23:01:12.0067 3408 Actual detected object count: 8
23:01:45.0149 3408 AESTFilters ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 AESTFilters ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:01:45.0149 3408 EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:01:45.0149 3408 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:01:45.0149 3408 intelkmd ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 intelkmd ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:01:45.0149 3408 nlsX86cc ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 nlsX86cc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:01:45.0149 3408 SGFXMgr ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 SGFXMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:01:45.0149 3408 STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:01:45.0149 3408 ZAtheros Bt and Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
23:01:45.0149 3408 ZAtheros Bt and Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:02:15.0543 2548 Deinitialize success

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Possible presence of a virus

#24 Post by Márty84 »

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and extract it
  • Run it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options checked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) has a check mark next to it
  • Also check that Create Restore point is checked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) mbar-log-year-month-day (hour-minute-second).txt; post it here for me
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

July
Visitor
Posts: 40
Joined: 23 Feb 2013 12:21

Re: Possible presence of a virus

#25 Post by July »

The update didn't work, probably because of that internet access,
and it took quite a long time and found nothing :)

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2013.10.02.12

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16659
July :: MAŤKO [administrator]

13.4.2014 12:21:55
mbar-log-2014-04-13 (12-21-55).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 306850
Time elapsed: 42 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Possible presence of a virus

#26 Post by Márty84 »

Try running it in that Safe Mode with Networking so that it can update.

July
Visitor
Posts: 40
Joined: 23 Feb 2013 12:21

Re: Possible presence of a virus

#27 Post by July »

Now the update worked :)

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.04.13.02

Windows 8 x64 NTFS (Safe Mode/Networking)
Internet Explorer 11.0.9600.16659
July :: MAŤKO [administrator]

13.4.2014 14:09:26
mbar-log-2014-04-13 (14-09-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 344676
Time elapsed: 43 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Possible presence of a virus

#28 Post by Márty84 »

I don't see anywhere the malware that usually does this :?:

Apart from the browsers and the antivirus not working, is there any other problem with the PC? Does it show any message when you try to start them?

Check whether Windows Defender and the system Firewall are turned off.

As a test, try uninstalling Norton Internet Security; you wrote that it won't start anyway. After uninstalling it, try the browsers.

July
Visitor
Posts: 40
Joined: 23 Feb 2013 12:21

Re: Possible presence of a virus

#29 Post by July »

Windows Defender and the Firewall are turned on...
but once I uninstalled Norton, the browsers work now :D

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Possible presence of a virus

#30 Post by Márty84 »

The thing is, I think those antivirus programs and firewalls started fighting each other.

So try installing NIS again (it is a paid program, so I assume you have bought a license and it would be a pity not to use it) and, if it doesn't happen automatically, turn off Defender and the system Firewall and then try the browsers again and everything that wasn't working.

Locked