SpomalenyStart,WINrobi vsetko spomalene-prosim o preventivku

Zpráva

iasak1982 · #1 Příspěvek od **iasak1982** » 14 srp 2013 11:58

Logfile of random's system information tool 1.09 (written by random/random)
Run by Marcel at 2013-08-14 11:51:18
Microsoft Windows 8
System drive C: has 437 GB (72%) free of 603 GB
Total RAM: 8081 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:51:23, on 14/08/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marcel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.search.yahoo.com?type=114576&fr=spigot-yhp-ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34C1CN5Z05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/11/29 17:56:09 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10945 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
taskeng.exe {7912ED6F-2361-4F28-83F2-F2261BD3F705}
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f56cb53e-b058-4c32-b475-9c201de694fb -SystemEventPortName:HostProcess-3ae1a820-ea2c-46c9-b2d6-45dd230ba4fe -IoCancelEventPortName:HostProcess-37cf88f9-2405-4393-9cf0-8b3bacb46658 -NonStateChangingEventPortName:HostProcess-3774d1cd-0fc6-4afa-8705-26ed50886bde -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:757d2ce6-15c5-43ff-8681-4b03dd8dbd3d -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
dashost.exe {c860c9ad-93ee-4dd8-a786a736c6757e2b}
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4196.0.711051874\295893528" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2849 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4196.2.2059317066\2139699889" /prefetch:673131151
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin/ASCPlugin_Protect.dll" --lang=sk --channel="4196.4.1036448154\1934625551" /prefetch:-390060480
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4196.6.700798965\289375114" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4196.7.1177487476\2012410683" --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 588 592 600 65536 596
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\marce_000\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2013-04-24 659264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-11-28 13192848]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-11-28 2859344]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-08-27 11577216]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2012-09-13 403848]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2012-09-13 399776]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-28 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-28 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-11-28 441152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-04-18 491840]
"DAEMON Tools Ultra Agent"=C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [2013-06-25 3128352]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28 18642024]
"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-12 56128]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-05-23 502328]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2012-07-31 78352]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS PC Sound.lnk - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-28 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"EnableUIADesktopToggle"=0
"EnableCursorSuppression"=1
"ConsentPromptBehaviorUser"=3
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktopChanges"=1
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-08-14 11:51:18 ----D---- C:\rsit
2013-08-14 11:51:18 ----D---- C:\Program Files\trend micro
2013-08-14 11:45:42 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-08-14 11:37:17 ----SHD---- C:\Config.Msi
2013-08-14 10:36:42 ----D---- C:\Users\marce_000\AppData\Roaming\Malwarebytes
2013-08-14 10:36:32 ----D---- C:\ProgramData\Malwarebytes
2013-08-14 10:36:31 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-14 10:36:31 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\winmmbase.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\winmm.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\openfiles.exe
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-08-14 10:32:34 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-08-14 10:32:34 ----A---- C:\Windows\system32\wwansvc.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\wwanmm.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\wwanconn.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\Wwanadvui.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\WinSCard.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\winmmbase.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\winmm.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\win32k.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\WerFault.exe
2013-08-14 10:32:34 ----A---- C:\Windows\system32\wcmsvc.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\wcmcsp.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\openfiles.exe
2013-08-14 10:32:34 ----A---- C:\Windows\system32\oleaut32.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\nshwfp.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\msftedit.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\LocationApi.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\localspl.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-08-14 10:32:34 ----A---- C:\Windows\system32\gdi32.dll
2013-08-14 10:32:34 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\udfs.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\sdbus.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\msgpioclx.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2013-08-14 10:32:34 ----A---- C:\Windows\system32\BFE.DLL
2013-08-14 10:28:49 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2013-08-14 10:28:49 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-14 10:27:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\uxtheme.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\UXInit.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\iesetup.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\iernonce.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 10:27:00 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-14 10:25:54 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-14 10:25:54 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 10:25:41 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-14 10:24:45 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-14 10:24:45 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-14 10:24:45 ----A---- C:\Windows\SYSWOW64\apprepsync.dll
2013-08-14 10:24:45 ----A---- C:\Windows\SYSWOW64\apprepapi.dll
2013-08-14 10:24:45 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 10:24:45 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 10:24:45 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 10:24:45 ----A---- C:\Windows\system32\apprepsync.dll
2013-08-14 10:24:45 ----A---- C:\Windows\system32\apprepapi.dll
2013-08-14 10:03:43 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2013-08-14 10:03:19 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2013-08-13 11:53:47 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-08-13 11:53:43 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-08-13 11:53:42 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2013-08-13 10:36:45 ----ASH---- C:\pagefile.sys
2013-08-10 19:17:38 ----D---- C:\Users\marce_000\AppData\Roaming\Identities
2013-08-09 16:51:13 ----D---- C:\Users\marce_000\AppData\Roaming\wargaming.net
2013-08-09 16:39:37 ----D---- C:\Games
2013-08-06 20:04:15 ----D---- C:\Program Files (x86)\Counter-Strike 1.6
2013-08-04 17:45:30 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2013-08-02 13:04:44 ----D---- C:\Program Files (x86)\Mafia II Kompletní Edice
2013-07-29 14:35:39 ----D---- C:\Program Files (x86)\AC3Filter
2013-07-28 18:38:22 ----D---- C:\Users\marce_000\AppData\Roaming\Nero
2013-07-28 18:32:08 ----D---- C:\Program Files (x86)\Nero
2013-07-28 18:31:59 ----D---- C:\ProgramData\Nero
2013-07-27 18:44:39 ----D---- C:\ProgramData\Microsoft Help
2013-07-27 18:14:08 ----D---- C:\Users\marce_000\AppData\Roaming\TeamViewer
2013-07-27 18:11:09 ----D---- C:\Program Files (x86)\TeamViewer
2013-07-27 17:39:13 ----D---- C:\Windows\system32\MRT
2013-07-26 18:55:21 ----D---- C:\ProgramData\Steam
2013-07-26 16:40:11 ----D---- C:\Users\marce_000\AppData\Roaming\NVIDIA
2013-07-26 16:30:25 ----D---- C:\Program Files (x86)\Metro Last Light
2013-07-25 15:37:35 ----D---- C:\Program Files (x86)\Ubisoft
2013-07-25 13:56:07 ----D---- C:\ProgramData\Ubisoft
2013-07-25 13:46:18 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-07-25 13:46:15 ----D---- C:\Users\marce_000\AppData\Roaming\PunkBuster
2013-07-25 13:35:58 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-07-25 13:35:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-07-25 13:35:58 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-07-25 13:35:58 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-07-25 13:35:56 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-07-25 13:35:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-07-23 15:09:58 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-07-23 15:09:53 ----A---- C:\Windows\system32\dwmcore.dll
2013-07-23 15:09:52 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2013-07-23 15:09:52 ----A---- C:\Windows\explorer.exe
2013-07-23 15:09:51 ----A---- C:\Windows\SYSWOW64\explorer.exe
2013-07-23 15:09:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-07-23 15:09:50 ----A---- C:\Windows\system32\samsrv.dll
2013-07-23 15:09:50 ----A---- C:\Windows\system32\mfcore.dll
2013-07-23 15:09:49 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-07-23 15:09:48 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2013-07-23 15:09:47 ----A---- C:\Windows\system32\winload.exe
2013-07-23 15:09:46 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-07-23 15:09:46 ----A---- C:\Windows\system32\vds.exe
2013-07-23 15:09:45 ----A---- C:\Windows\system32\winresume.exe
2013-07-23 15:09:45 ----A---- C:\Windows\system32\mscms.dll
2013-07-23 15:09:45 ----A---- C:\Windows\system32\mfasfsrcsnk.dll
2013-07-23 15:09:45 ----A---- C:\Windows\system32\audiosrv.dll
2013-07-23 15:09:44 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-07-23 15:09:44 ----A---- C:\Windows\SYSWOW64\mscms.dll
2013-07-23 15:09:44 ----A---- C:\Windows\system32\samlib.dll
2013-07-23 15:09:44 ----A---- C:\Windows\system32\drivers\UCX01000.SYS
2013-07-23 15:09:43 ----A---- C:\Windows\SYSWOW64\mfasfsrcsnk.dll
2013-07-23 15:09:42 ----A---- C:\Windows\system32\MbaeParserTask.exe
2013-07-23 15:09:42 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2013-07-23 15:09:42 ----A---- C:\Windows\system32\DeviceSetupManager.dll
2013-07-23 15:09:40 ----A---- C:\Windows\SYSWOW64\samlib.dll
2013-07-23 15:09:40 ----A---- C:\Windows\system32\vdsutil.dll
2013-07-23 15:09:35 ----A---- C:\Windows\system32\drivers\BthAvrcpTg.sys
2013-07-23 14:57:38 ----D---- C:\Program Files (x86)\Microsoft
2013-07-23 14:57:32 ----D---- C:\ProgramData\Visan
2013-07-23 14:57:32 ----D---- C:\ProgramData\HP Photo Creations
2013-07-23 14:57:32 ----D---- C:\Program Files (x86)\HP Photo Creations
2013-07-23 14:57:12 ----D---- C:\Users\marce_000\AppData\Roaming\HpUpdate
2013-07-23 14:56:51 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2013-07-23 14:56:06 ----D---- C:\ProgramData\HP
2013-07-23 14:56:04 ----D---- C:\Program Files (x86)\HP
2013-07-23 14:54:06 ----D---- C:\Program Files\HP
2013-07-23 14:54:03 ----A---- C:\ProgramData\Ament.ini
2013-07-23 14:50:27 ----A---- C:\Windows\SYSWOW64\untfs.dll
2013-07-23 14:50:27 ----A---- C:\Windows\SYSWOW64\autochk.exe
2013-07-23 14:50:25 ----A---- C:\Windows\system32\untfs.dll
2013-07-23 14:50:25 ----A---- C:\Windows\system32\autochk.exe
2013-07-23 14:50:24 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-07-23 14:50:22 ----A---- C:\Windows\system32\kernel32.dll
2013-07-23 14:50:08 ----A---- C:\Windows\system32\Taskmgr.exe
2013-07-23 14:50:08 ----A---- C:\Windows\system32\rdpcorets.dll
2013-07-23 14:50:07 ----A---- C:\Windows\SYSWOW64\WebcamUi.dll
2013-07-23 14:50:07 ----A---- C:\Windows\SYSWOW64\Taskmgr.exe
2013-07-23 14:50:07 ----A---- C:\Windows\system32\WebcamUi.dll
2013-07-23 14:50:07 ----A---- C:\Windows\system32\UserLanguagesCpl.dll
2013-07-23 14:50:07 ----A---- C:\Windows\system32\storagewmi.dll
2013-07-23 14:50:04 ----A---- C:\Windows\system32\wpnapps.dll
2013-07-23 14:50:01 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2013-07-23 14:50:01 ----A---- C:\Windows\SYSWOW64\UserLanguagesCpl.dll
2013-07-23 14:50:01 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-07-23 14:50:00 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2013-07-23 14:50:00 ----A---- C:\Windows\system32\mstsc.exe
2013-07-23 14:49:58 ----A---- C:\Windows\SYSWOW64\vds_ps.dll
2013-07-23 14:49:58 ----A---- C:\Windows\system32\vdsldr.exe
2013-07-23 14:49:58 ----A---- C:\Windows\system32\vds_ps.dll
2013-07-23 14:49:54 ----A---- C:\Windows\system32\sppwinob.dll
2013-07-23 14:49:49 ----A---- C:\Windows\SYSWOW64\Display.dll
2013-07-23 14:49:49 ----A---- C:\Windows\system32\KBDKURD.DLL
2013-07-23 14:49:49 ----A---- C:\Windows\system32\Display.dll
2013-07-23 14:49:48 ----A---- C:\Windows\SYSWOW64\KBDKURD.DLL
2013-07-23 14:49:47 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2013-07-23 14:49:47 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-23 14:49:47 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.dll
2013-07-23 14:49:47 ----A---- C:\Windows\system32\WSShared.dll
2013-07-23 14:49:47 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-07-23 14:49:47 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-07-23 14:48:48 ----A---- C:\Windows\system32\glcndFilter.dll
2013-07-23 14:48:45 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2013-07-23 14:48:43 ----A---- C:\Windows\system32\winhttp.dll
2013-07-23 14:48:43 ----A---- C:\Windows\system32\ole32.dll
2013-07-23 14:48:43 ----A---- C:\Windows\system32\KernelBase.dll
2013-07-23 14:48:42 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2013-07-23 14:48:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2013-07-23 14:48:40 ----A---- C:\Windows\HelpPane.exe
2013-07-23 14:48:38 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-07-23 14:48:38 ----A---- C:\Windows\system32\wlansvc.dll
2013-07-23 14:48:34 ----A---- C:\Windows\system32\dafWCN.dll
2013-07-23 14:48:33 ----A---- C:\Windows\system32\wlanmsm.dll
2013-07-23 14:48:33 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2013-07-23 14:48:33 ----A---- C:\Windows\system32\drivers\afd.sys
2013-07-23 14:48:32 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2013-07-23 14:48:32 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2013-07-23 14:48:31 ----A---- C:\Windows\system32\rdpclip.exe
2013-07-23 14:48:29 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2013-07-23 14:48:27 ----A---- C:\Windows\system32\wlanapi.dll
2013-07-23 14:48:27 ----A---- C:\Windows\system32\wcncsvc.dll
2013-07-23 14:48:25 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2013-07-23 14:48:25 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2013-07-23 14:48:25 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2013-07-23 14:48:25 ----A---- C:\Windows\system32\WcnApi.dll
2013-07-23 14:48:24 ----A---- C:\Windows\system32\wlansec.dll
2013-07-23 14:48:23 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2013-07-23 14:48:23 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2013-07-23 14:48:23 ----A---- C:\Windows\system32\fdWCN.dll
2013-07-23 14:48:22 ----A---- C:\Windows\system32\wfdprov.dll
2013-07-23 14:48:22 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2013-07-23 14:48:21 ----A---- C:\Windows\SYSWOW64\wfdprov.dll
2013-07-23 14:48:10 ----A---- C:\Windows\system32\drivers\processr.sys
2013-07-23 14:48:10 ----A---- C:\Windows\system32\drivers\intelppm.sys
2013-07-23 14:48:10 ----A---- C:\Windows\system32\drivers\fxppm.sys
2013-07-23 14:48:10 ----A---- C:\Windows\system32\drivers\amdppm.sys
2013-07-23 14:48:10 ----A---- C:\Windows\system32\drivers\amdk8.sys
2013-07-23 14:48:09 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2013-07-23 14:48:09 ----A---- C:\Windows\system32\wlanhlp.dll
2013-07-23 14:48:03 ----A---- C:\Windows\system32\iscsilog.dll
2013-07-22 12:12:18 ----A---- C:\Windows\system32\tssdisai.dll
2013-07-22 11:50:46 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-07-22 11:19:05 ----RD---- C:\Windows\BrowserChoice
2013-07-21 20:40:29 ----A---- C:\Windows\system32\msvcr100_clr0400.dll
2013-07-21 10:11:15 ----A---- C:\Windows\system32\MRT.exe
2013-07-21 10:03:15 ----A---- C:\Windows\SYSWOW64\msvcr100_clr0400.dll
2013-07-21 09:57:37 ----A---- C:\Windows\system32\wlidsvc.dll
2013-07-21 09:57:37 ----A---- C:\Windows\system32\msctf.dll
2013-07-21 09:57:37 ----A---- C:\Windows\system32\mmc.exe
2013-07-21 09:57:36 ----A---- C:\Windows\SYSWOW64\mmc.exe
2013-07-21 09:57:35 ----A---- C:\Windows\SYSWOW64\msctf.dll
2013-07-21 09:57:33 ----A---- C:\Windows\system32\Windows.Media.dll
2013-07-21 09:57:33 ----A---- C:\Windows\system32\setupapi.dll
2013-07-21 09:57:33 ----A---- C:\Windows\system32\lsm.dll
2013-07-21 09:57:32 ----A---- C:\Windows\SYSWOW64\setupapi.dll
2013-07-21 09:57:32 ----A---- C:\Windows\system32\drivers\msgpiowin32.sys
2013-07-21 09:57:31 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-07-21 09:57:31 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-07-21 09:57:31 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-07-21 09:57:30 ----A---- C:\Windows\system32\WSDMon.dll
2013-07-21 09:57:30 ----A---- C:\Windows\system32\inetpp.dll
2013-07-21 09:57:29 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2013-07-21 09:57:29 ----A---- C:\Windows\system32\MP4SDECD.DLL
2013-07-21 09:57:28 ----A---- C:\Windows\SYSWOW64\wiaacmgr.exe
2013-07-21 09:57:28 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2013-07-21 09:57:28 ----A---- C:\Windows\system32\wiaacmgr.exe
2013-07-21 09:57:28 ----A---- C:\Windows\system32\ncbservice.dll
2013-07-21 09:57:28 ----A---- C:\Windows\system32\httpprxm.dll
2013-07-21 09:57:28 ----A---- C:\Windows\system32\adhsvc.dll
2013-07-21 09:57:27 ----A---- C:\Windows\system32\keepaliveprovider.dll
2013-07-21 09:57:27 ----A---- C:\Windows\system32\httpprxp.dll
2013-07-21 09:57:27 ----A---- C:\Windows\system32\adhapi.dll
2013-07-21 09:57:21 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2013-07-21 09:57:21 ----A---- C:\Windows\system32\drivers\bthenum.sys
2013-07-21 09:54:38 ----A---- C:\Windows\system32\wmp.dll
2013-07-21 09:54:38 ----A---- C:\Windows\system32\tquery.dll
2013-07-21 09:54:37 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-07-21 09:54:36 ----A---- C:\Windows\system32\mssrch.dll
2013-07-21 09:54:35 ----A---- C:\Windows\SYSWOW64\tquery.dll
2013-07-21 09:54:33 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2013-07-21 09:54:32 ----A---- C:\Windows\system32\ntdll.dll
2013-07-21 09:54:30 ----A---- C:\Windows\system32\MSAudDecMFT.dll
2013-07-21 09:54:29 ----A---- C:\Windows\SYSWOW64\MSAudDecMFT.dll
2013-07-21 09:54:29 ----A---- C:\Windows\system32\schedsvc.dll
2013-07-21 09:54:29 ----A---- C:\Windows\system32\kd_02_10ec.dll
2013-07-21 09:54:28 ----A---- C:\Windows\SYSWOW64\mssph.dll
2013-07-21 09:54:28 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2013-07-21 09:54:28 ----A---- C:\Windows\system32\SearchIndexer.exe
2013-07-21 09:54:28 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-07-21 09:54:27 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2013-07-21 09:54:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-07-21 09:54:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-07-21 09:54:27 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2013-07-21 09:54:27 ----A---- C:\Windows\system32\schannel.dll
2013-07-21 09:54:27 ----A---- C:\Windows\system32\rsaenh.dll
2013-07-21 09:54:27 ----A---- C:\Windows\system32\kerberos.dll
2013-07-21 09:54:27 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2013-07-21 09:54:27 ----A---- C:\Windows\system32\AudioSes.dll
2013-07-21 09:54:26 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2013-07-21 09:54:26 ----A---- C:\Windows\system32\Windows.Networking.dll
2013-07-21 09:54:26 ----A---- C:\Windows\system32\mssph.dll
2013-07-21 09:54:26 ----A---- C:\Windows\system32\dwmredir.dll
2013-07-21 09:54:26 ----A---- C:\Windows\system32\conhost.exe
2013-07-21 09:54:26 ----A---- C:\Windows\system32\AudioEng.dll
2013-07-21 09:54:26 ----A---- C:\Windows\system32\audiodg.exe
2013-07-21 09:54:25 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2013-07-21 09:54:25 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2013-07-21 09:54:25 ----A---- C:\Windows\system32\RecoveryDrive.exe
2013-07-21 09:54:25 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-07-21 09:54:24 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2013-07-21 09:54:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-07-21 09:54:24 ----A---- C:\Windows\system32\wpncore.dll
2013-07-21 09:54:24 ----A---- C:\Windows\system32\MFMediaEngine.dll
2013-07-21 09:54:22 ----A---- C:\Windows\SYSWOW64\Windows.Networking.dll
2013-07-21 09:54:21 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-07-21 09:54:21 ----A---- C:\Windows\system32\fhengine.dll
2013-07-21 09:54:21 ----A---- C:\Windows\system32\dmvdsitf.dll
2013-07-21 09:54:21 ----A---- C:\Windows\system32\ci.dll
2013-07-21 09:54:21 ----A---- C:\Windows\system32\actxprxy.dll
2013-07-21 09:54:20 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2013-07-21 09:54:20 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2013-07-21 09:54:19 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2013-07-21 09:54:19 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2013-07-21 09:54:19 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-07-21 09:54:19 ----A---- C:\Windows\system32\drivers\pdc.sys
2013-07-21 09:54:19 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-07-21 09:54:19 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2013-07-21 09:54:18 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2013-07-21 09:54:18 ----A---- C:\Windows\SYSWOW64\Robocopy.exe
2013-07-21 09:54:18 ----A---- C:\Windows\system32\SearchFilterHost.exe
2013-07-21 09:54:18 ----A---- C:\Windows\system32\Robocopy.exe
2013-07-21 09:54:18 ----A---- C:\Windows\system32\kdvm.dll
2013-07-21 09:54:17 ----A---- C:\Windows\system32\iuilp.dll
2013-07-21 09:54:16 ----A---- C:\Windows\SYSWOW64\dmvdsitf.dll
2013-07-21 09:54:16 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2013-07-21 09:54:15 ----A---- C:\Windows\system32\drivers\hidbth.sys
2013-07-21 09:54:13 ----A---- C:\Windows\system32\AUDIOKSE.dll
2013-07-21 09:54:11 ----A---- C:\Windows\system32\kdnet.dll
2013-07-21 09:54:10 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll
2013-07-21 09:54:10 ----A---- C:\Windows\system32\wscsvc.dll
2013-07-21 09:54:10 ----A---- C:\Windows\system32\drivers\wanarp.sys
2013-07-21 09:54:09 ----A---- C:\Windows\system32\mssvp.dll
2013-07-21 09:54:09 ----A---- C:\Windows\system32\GenuineCenter.dll
2013-07-21 09:54:09 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2013-07-21 09:54:09 ----A---- C:\Windows\system32\drivers\hidusb.sys
2013-07-21 09:54:09 ----A---- C:\Windows\system32\drivers\hidi2c.sys
2013-07-21 09:54:08 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2013-07-21 09:54:08 ----A---- C:\Windows\system32\fmifs.dll
2013-07-21 09:54:07 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2013-07-21 09:54:07 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2013-07-21 09:54:07 ----A---- C:\Windows\SYSWOW64\fmifs.dll
2013-07-21 09:54:07 ----A---- C:\Windows\system32\mssprxy.dll

iasak1982 · #2 Příspěvek od **iasak1982** » 14 srp 2013 12:00

pokracovanie vypisu z RSIT

2013-07-21 09:54:07 ----A---- C:\Windows\system32\msshooks.dll
2013-07-21 09:54:07 ----A---- C:\Windows\system32\msscntrs.dll
2013-07-21 09:54:03 ----A---- C:\Windows\system32\EncDump.dll
2013-07-21 09:53:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-07-21 09:53:58 ----A---- C:\Windows\system32\tzres.dll
2013-07-21 09:49:43 ----A---- C:\Windows\system32\wuaueng.dll
2013-07-21 09:49:42 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2013-07-21 09:49:42 ----A---- C:\Windows\system32\twinui.dll
2013-07-21 09:49:40 ----A---- C:\Windows\SYSWOW64\twinui.dll
2013-07-21 09:49:39 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2013-07-21 09:49:38 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2013-07-21 09:49:37 ----A---- C:\Windows\system32\ubpm.dll
2013-07-21 09:49:37 ----A---- C:\Windows\system32\sysmain.dll
2013-07-21 09:49:37 ----A---- C:\Windows\system32\drivers\rdbss.sys
2013-07-21 09:49:36 ----A---- C:\Windows\system32\VSSVC.exe
2013-07-21 09:49:36 ----A---- C:\Windows\system32\BCP47Langs.dll
2013-07-21 09:49:35 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2013-07-21 09:49:35 ----A---- C:\Windows\SYSWOW64\BCP47Langs.dll
2013-07-21 09:49:35 ----A---- C:\Windows\system32\wuapi.dll
2013-07-21 09:49:35 ----A---- C:\Windows\system32\netprofmsvc.dll
2013-07-21 09:49:35 ----A---- C:\Windows\system32\authui.dll
2013-07-21 09:49:34 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-07-21 09:49:34 ----A---- C:\Windows\system32\wucltux.dll
2013-07-21 09:49:34 ----A---- C:\Windows\system32\netprofm.dll
2013-07-21 09:49:33 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2013-07-21 09:49:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2013-07-21 09:49:32 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2013-07-21 09:49:32 ----A---- C:\Windows\system32\stobject.dll
2013-07-21 09:49:32 ----A---- C:\Windows\system32\netplwiz.dll
2013-07-21 09:49:32 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2013-07-21 09:49:31 ----A---- C:\Windows\system32\Magnify.exe
2013-07-21 09:49:30 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2013-07-21 09:49:30 ----A---- C:\Windows\system32\wups.dll
2013-07-21 09:49:30 ----A---- C:\Windows\system32\taskhost.exe
2013-07-21 09:49:30 ----A---- C:\Windows\system32\psmsrv.dll
2013-07-21 09:49:30 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2013-07-21 09:49:30 ----A---- C:\Windows\system32\drivers\spaceport.sys
2013-07-21 09:49:29 ----A---- C:\Windows\SYSWOW64\stobject.dll
2013-07-21 09:49:29 ----A---- C:\Windows\system32\wuauclt.exe
2013-07-21 09:49:29 ----A---- C:\Windows\system32\DevicePairing.dll
2013-07-21 09:49:28 ----A---- C:\Windows\SYSWOW64\Magnify.exe
2013-07-21 09:49:28 ----A---- C:\Windows\system32\AuthHost.exe
2013-07-21 09:49:27 ----A---- C:\Windows\SYSWOW64\netprofm.dll
2013-07-21 09:49:27 ----A---- C:\Windows\SYSWOW64\DevicePairing.dll
2013-07-21 09:49:27 ----A---- C:\Windows\system32\taskhostex.exe
2013-07-21 09:49:27 ----A---- C:\Windows\system32\storewuauth.dll
2013-07-21 09:49:27 ----A---- C:\Windows\system32\biwinrt.dll
2013-07-21 09:49:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2013-07-21 09:49:26 ----A---- C:\Windows\SYSWOW64\biwinrt.dll
2013-07-21 09:49:26 ----A---- C:\Windows\system32\wuwebv.dll
2013-07-21 09:49:26 ----A---- C:\Windows\system32\wudriver.dll
2013-07-21 09:49:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2013-07-21 09:49:25 ----A---- C:\Windows\system32\bisrv.dll
2013-07-21 09:49:24 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2013-07-21 09:49:23 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2013-07-21 09:49:23 ----A---- C:\Windows\SYSWOW64\muifontsetup.dll
2013-07-21 09:49:23 ----A---- C:\Windows\system32\wuapp.exe
2013-07-21 09:49:23 ----A---- C:\Windows\system32\muifontsetup.dll
2013-07-21 09:49:22 ----A---- C:\Windows\SYSWOW64\npmproxy.dll
2013-07-21 09:48:05 ----A---- C:\Windows\system32\sppobjs.dll
2013-07-21 09:48:01 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-07-21 09:48:00 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-07-21 09:48:00 ----A---- C:\Windows\system32\mstscax.dll
2013-07-21 09:47:58 ----A---- C:\Windows\system32\wmpmde.dll
2013-07-21 09:47:56 ----A---- C:\Windows\system32\winmde.dll
2013-07-21 09:47:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-07-21 09:47:55 ----A---- C:\Windows\system32\Windows.Globalization.dll
2013-07-21 09:47:54 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2013-07-21 09:47:54 ----A---- C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-07-21 09:47:54 ----A---- C:\Windows\system32\TimeBrokerServer.dll
2013-07-21 09:47:54 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2013-07-21 09:47:54 ----A---- C:\Windows\system32\drivers\storport.sys
2013-07-21 09:47:53 ----A---- C:\Windows\system32\drivers\bthport.sys
2013-07-21 09:47:52 ----A---- C:\Windows\SYSWOW64\winmde.dll
2013-07-21 09:47:52 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2013-07-21 09:47:52 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-07-21 09:47:52 ----A---- C:\Windows\system32\usbmon.dll
2013-07-21 09:47:52 ----A---- C:\Windows\system32\SettingSync.dll
2013-07-21 09:47:52 ----A---- C:\Windows\system32\netcfgx.dll
2013-07-21 09:47:51 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2013-07-21 09:47:51 ----A---- C:\Windows\SYSWOW64\drvstore.dll
2013-07-21 09:47:51 ----A---- C:\Windows\system32\drvstore.dll
2013-07-21 09:47:51 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2013-07-21 09:47:50 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2013-07-21 09:47:49 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2013-07-21 09:47:49 ----A---- C:\Windows\system32\discan.dll
2013-07-21 09:47:48 ----A---- C:\Windows\system32\NdisImPlatform.dll
2013-07-21 09:47:47 ----A---- C:\Windows\system32\fsquirt.exe
2013-07-21 09:47:47 ----A---- C:\Windows\system32\drivers\tpm.sys
2013-07-21 09:47:47 ----A---- C:\Windows\system32\drivers\storahci.sys
2013-07-21 09:47:47 ----A---- C:\Windows\system32\DevDispItemProvider.dll
2013-07-21 09:47:46 ----A---- C:\Windows\SYSWOW64\SettingSyncInfo.dll
2013-07-21 09:47:46 ----A---- C:\Windows\system32\WSDPrintProxy.DLL
2013-07-21 09:47:45 ----A---- C:\Windows\SYSWOW64\DevDispItemProvider.dll
2013-07-21 09:47:45 ----A---- C:\Windows\system32\SettingSyncInfo.dll
2013-07-21 09:47:45 ----A---- C:\Windows\system32\drivers\mouhid.sys
2013-07-21 09:47:45 ----A---- C:\Windows\system32\drivers\monitor.sys
2013-07-21 09:47:43 ----A---- C:\Windows\SYSWOW64\wups.dll
2013-07-21 09:47:41 ----A---- C:\Windows\system32\wuaext.dll
2013-07-21 09:47:29 ----A---- C:\Windows\system32\wushareduxresources.dll
2013-07-21 09:47:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-07-21 09:47:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-07-21 09:45:41 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-07-21 09:45:41 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-07-21 09:44:10 ----A---- C:\Windows\SYSWOW64\ReAgent.dll
2013-07-21 09:44:10 ----A---- C:\Windows\system32\sysreset.exe
2013-07-21 09:44:10 ----A---- C:\Windows\system32\resetengmig.dll
2013-07-21 09:44:10 ----A---- C:\Windows\system32\reseteng.dll
2013-07-21 09:44:10 ----A---- C:\Windows\system32\ReAgent.dll
2013-07-21 09:43:48 ----A---- C:\Windows\system32\VmHostAI.dll
2013-07-21 09:43:48 ----A---- C:\Windows\system32\RDWebAI.dll
2013-07-21 09:43:48 ----A---- C:\Windows\system32\appserverai.dll
2013-07-21 09:43:42 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-07-21 09:43:42 ----A---- C:\Windows\system32\poqexec.exe
2013-07-21 09:43:31 ----A---- C:\Windows\system32\pcasvc.dll
2013-07-21 09:43:31 ----A---- C:\Windows\system32\pcalua.exe
2013-07-21 09:43:31 ----A---- C:\Windows\system32\pcadm.dll
2013-07-21 09:43:30 ----A---- C:\Windows\system32\pcaevts.dll
2013-07-21 09:43:09 ----A---- C:\Windows\SYSWOW64\duser.dll
2013-07-21 09:43:09 ----A---- C:\Windows\system32\wlroamextension.dll
2013-07-21 09:43:09 ----A---- C:\Windows\system32\duser.dll
2013-07-21 09:43:08 ----A---- C:\Windows\system32\WWanAPI.dll
2013-07-21 09:43:08 ----A---- C:\Windows\system32\Windows.Networking.Connectivity.dll
2013-07-21 09:43:08 ----A---- C:\Windows\system32\ncsi.dll
2013-07-21 09:43:08 ----A---- C:\Windows\system32\hotspotauth.dll
2013-07-21 09:43:08 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-07-21 09:43:08 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-07-21 09:43:07 ----A---- C:\Windows\SYSWOW64\WWanAPI.dll
2013-07-21 09:43:07 ----A---- C:\Windows\SYSWOW64\Windows.Networking.Connectivity.dll
2013-07-21 09:43:07 ----A---- C:\Windows\system32\taskkill.exe
2013-07-21 09:43:07 ----A---- C:\Windows\system32\mbsmsapi.dll
2013-07-21 09:43:07 ----A---- C:\Windows\system32\drivers\ks.sys
2013-07-21 09:43:06 ----A---- C:\Windows\SYSWOW64\mbsmsapi.dll
2013-07-21 09:43:06 ----A---- C:\Windows\system32\tasklist.exe
2013-07-21 09:43:04 ----A---- C:\Windows\SYSWOW64\wlroamextension.dll
2013-07-21 09:42:57 ----A---- C:\Windows\SYSWOW64\taskkill.exe
2013-07-21 09:42:56 ----A---- C:\Windows\SYSWOW64\tasklist.exe
2013-07-21 09:42:56 ----A---- C:\Windows\system32\wpd_ci.dll
2013-07-21 09:42:56 ----A---- C:\Windows\system32\wersvc.dll
2013-07-21 09:42:56 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2013-07-21 09:42:55 ----A---- C:\Windows\SYSWOW64\nlmsprep.dll
2013-07-21 09:42:55 ----A---- C:\Windows\SYSWOW64\nlmproxy.dll
2013-07-21 09:42:55 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-07-21 09:42:55 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-07-21 09:42:55 ----A---- C:\Windows\system32\drivers\BthhfHid.sys
2013-07-21 09:42:55 ----A---- C:\Windows\system32\drivers\BtaMPM.sys
2013-07-21 09:42:33 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2013-07-21 09:42:33 ----A---- C:\Windows\system32\GdiPlus.dll
2013-07-21 09:42:30 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-07-21 09:42:30 ----A---- C:\Windows\system32\cryptdlg.dll
2013-07-21 09:42:15 ----A---- C:\Windows\system32\shell32.dll
2013-07-21 09:42:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-07-21 09:42:09 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-07-21 09:42:09 ----A---- C:\Windows\system32\shdocvw.dll
2013-07-21 09:42:09 ----A---- C:\Windows\system32\consent.exe
2013-07-21 09:42:09 ----A---- C:\Windows\system32\appinfo.dll
2013-07-21 09:41:45 ----A---- C:\Windows\SYSWOW64\ReAgentc.exe
2013-07-21 09:41:45 ----A---- C:\Windows\system32\ReAgentc.exe
2013-07-21 09:41:42 ----A---- C:\Windows\SYSWOW64\esent.dll
2013-07-21 09:41:41 ----A---- C:\Windows\system32\esent.dll
2013-07-20 14:46:01 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-07-20 14:46:01 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-07-20 14:45:36 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-07-20 14:45:36 ----A---- C:\Windows\system32\synceng.dll
2013-07-20 14:45:33 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2013-07-20 14:45:33 ----A---- C:\Windows\system32\ncryptsslp.dll
2013-07-20 14:45:17 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-20 14:45:17 ----A---- C:\Windows\system32\DWrite.dll
2013-07-20 14:44:49 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-07-20 14:44:49 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-07-20 14:44:49 ----A---- C:\Windows\system32\cryptnet.dll
2013-07-20 14:44:49 ----A---- C:\Windows\system32\certutil.exe
2013-07-20 14:44:12 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-20 14:44:12 ----A---- C:\Windows\system32\qedit.dll
2013-07-20 14:43:16 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-07-20 14:43:15 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-07-20 14:42:43 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-20 14:42:42 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-20 14:42:35 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-07-20 14:42:35 ----A---- C:\Windows\system32\dpnsvr.exe
2013-07-20 14:42:35 ----A---- C:\Windows\system32\dpnet.dll
2013-07-20 14:42:34 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2013-07-20 14:42:34 ----A---- C:\Windows\SYSWOW64\dpnlobby.dll
2013-07-20 14:42:34 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2013-07-20 14:42:34 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2013-07-20 14:42:34 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2013-07-20 14:42:34 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2013-07-20 14:42:34 ----A---- C:\Windows\system32\win32spl.dll
2013-07-20 14:42:34 ----A---- C:\Windows\system32\dpnlobby.dll
2013-07-20 14:42:34 ----A---- C:\Windows\system32\dpnhupnp.dll
2013-07-20 14:42:34 ----A---- C:\Windows\system32\dpnhpast.dll
2013-07-20 14:42:34 ----A---- C:\Windows\system32\dpnathlp.dll
2013-07-20 14:42:34 ----A---- C:\Windows\system32\dpnaddr.dll
2013-07-20 14:42:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-07-20 14:42:33 ----A---- C:\Windows\system32\atmlib.dll
2013-07-20 14:42:33 ----A---- C:\Windows\system32\atmfd.dll
2013-07-20 14:42:32 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-07-20 14:42:32 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-07-20 14:42:32 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-07-20 14:42:32 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-07-20 14:42:32 ----A---- C:\Windows\system32\lpk.dll
2013-07-20 14:42:32 ----A---- C:\Windows\system32\fontsub.dll
2013-07-20 14:42:32 ----A---- C:\Windows\system32\dciman32.dll
2013-07-20 14:42:31 ----A---- C:\Windows\system32\drivers\http.sys
2013-07-20 14:42:20 ----A---- C:\Windows\system32\msxml6.dll
2013-07-20 14:42:20 ----A---- C:\Windows\system32\msxml3.dll
2013-07-20 14:42:19 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-07-20 14:42:18 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-07-20 14:42:17 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2013-07-20 14:42:17 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-07-20 14:42:17 ----A---- C:\Windows\system32\msxml6r.dll
2013-07-20 14:42:17 ----A---- C:\Windows\system32\msxml3r.dll
2013-07-20 09:36:05 ----DC---- C:\Windows\system32\DRVSTORE
2013-07-20 09:35:40 ----D---- C:\ProgramData\Apple Computer
2013-07-20 09:35:40 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-20 09:35:27 ----D---- C:\Program Files (x86)\Apple Software Update
2013-07-20 09:34:41 ----D---- C:\Program Files\Common Files\Apple
2013-07-20 09:34:34 ----D---- C:\Program Files\Bonjour
2013-07-20 09:34:34 ----D---- C:\Program Files (x86)\Bonjour
2013-07-20 09:32:51 ----D---- C:\ProgramData\Apple
2013-07-19 22:53:53 ----ASH---- C:\hiberfil.sys
2013-07-19 22:47:24 ----ASH---- C:\swapfile.sys
2013-07-19 22:47:24 ----A---- C:\DUMP3d47.tmp
2013-07-19 22:47:22 ----SHD---- C:\System Volume Information
2013-07-19 22:47:03 ----A---- C:\Recovery.txt
2013-07-19 18:01:02 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-07-19 18:00:23 ----D---- C:\ProgramData\Orbit
2013-07-19 17:57:41 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-07-19 17:57:41 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-07-19 17:57:40 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-07-19 17:57:40 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-07-19 17:57:39 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-07-19 17:57:39 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-07-19 17:57:39 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-07-19 17:57:39 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-07-19 17:57:38 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-07-19 17:57:38 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-07-19 17:57:38 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-07-19 17:57:38 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-07-19 17:57:38 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-07-19 17:57:38 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-07-19 17:57:37 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-07-19 17:57:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-07-19 17:57:37 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-07-19 17:57:37 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-07-19 17:57:36 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-07-19 17:57:36 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-07-19 17:57:35 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-07-19 17:57:35 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-07-19 17:57:35 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-07-19 17:57:35 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-07-19 17:57:34 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-07-19 17:57:34 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-07-19 17:57:33 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-07-19 17:57:33 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-07-19 17:57:33 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-07-19 17:57:33 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-07-19 17:57:32 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-07-19 17:57:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-07-19 17:57:32 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-07-19 17:57:32 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-07-19 17:57:32 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-07-19 17:57:32 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-07-19 17:57:31 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-07-19 17:57:31 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-07-19 17:57:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-07-19 17:57:30 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-07-19 17:57:29 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-07-19 17:57:29 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-07-19 17:57:28 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-07-19 17:57:28 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-07-19 17:57:28 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-07-19 17:57:28 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-07-19 17:57:28 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-07-19 17:57:28 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-07-19 17:57:27 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-07-19 17:57:27 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-07-19 17:57:27 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-07-19 17:57:27 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-07-19 17:57:26 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-07-19 17:57:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-07-19 17:57:26 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-07-19 17:57:26 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-07-19 17:57:25 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-07-19 17:57:25 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-07-19 17:57:24 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-07-19 17:57:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-07-19 17:56:44 ----HD---- C:\Windows\msdownld.tmp
2013-07-19 17:56:43 ----D---- C:\Windows\SYSWOW64\directx
2013-07-19 17:44:37 ----D---- C:\Hry
2013-07-19 16:41:56 ----D---- C:\Users\marce_000\AppData\Roaming\Leadertech
2013-07-19 16:39:11 ----D---- C:\Program Files (x86)\EA Sports
2013-07-19 16:39:10 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-07-19 16:39:10 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-07-19 16:39:10 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-07-19 16:39:10 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-07-19 16:39:09 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-07-19 16:39:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-07-19 16:39:09 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-07-19 16:39:09 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-07-19 16:39:08 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-07-19 16:39:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-07-19 16:39:08 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-07-19 16:39:08 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-07-19 16:39:07 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-07-19 16:39:07 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-07-19 16:39:07 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-07-19 16:39:07 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-07-19 16:39:06 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-07-19 16:39:06 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-07-19 16:39:05 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-07-19 16:39:05 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-07-19 16:39:05 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-07-19 16:39:05 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-07-19 16:39:05 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-07-19 16:39:05 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-07-19 16:39:04 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-07-19 16:39:04 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-07-19 16:39:03 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-07-19 16:39:03 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-07-19 16:39:01 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-07-19 16:39:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-07-19 16:39:01 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-07-19 16:39:01 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-07-19 16:39:00 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-07-19 16:39:00 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-07-19 16:38:59 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-07-19 16:38:59 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-07-19 16:38:58 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-07-19 16:38:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-07-19 16:38:58 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-07-19 16:38:58 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-07-19 16:38:57 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-07-19 16:38:57 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-07-19 16:38:56 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-07-19 16:38:56 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-07-19 16:38:56 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-07-19 16:38:56 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-07-19 16:38:55 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-07-19 16:38:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-07-19 16:38:55 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-07-19 16:38:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-07-19 16:38:54 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-07-19 16:38:54 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-07-19 16:38:54 ----A---- C:\Windows\system32\xinput1_3.dll
2013-07-19 16:38:54 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-07-19 16:38:53 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-07-19 16:38:53 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-07-19 16:38:52 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-07-19 16:38:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-07-19 16:38:52 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-07-19 16:38:52 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-07-19 16:38:51 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-07-19 16:38:51 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-07-19 16:38:50 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-07-19 16:38:50 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-07-19 16:38:49 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-07-19 16:38:49 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-07-19 16:38:48 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-07-19 16:38:48 ----A---- C:\Windows\system32\d3dx10.dll
2013-07-19 16:38:46 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-07-19 16:38:46 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-07-19 16:38:46 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-07-19 16:38:46 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-07-19 16:38:45 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-07-19 16:38:45 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-07-19 16:38:44 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-07-19 16:38:44 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-07-19 16:38:44 ----A---- C:\Windows\system32\xinput1_2.dll
2013-07-19 16:38:44 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-07-19 16:38:43 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-07-19 16:38:43 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-07-19 16:38:43 ----A---- C:\Windows\system32\xinput1_1.dll
2013-07-19 16:38:43 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-07-19 16:38:42 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-07-19 16:38:42 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-07-19 16:38:37 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-07-19 16:38:37 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-07-19 16:38:36 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-07-19 16:38:36 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-07-19 16:38:36 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-07-19 16:38:36 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-07-19 16:38:35 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-07-19 16:38:35 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-07-19 16:38:34 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-07-19 16:38:34 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-07-19 16:38:34 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-07-19 16:38:34 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-07-19 16:38:33 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-07-19 16:38:33 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-07-19 16:38:32 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-07-19 16:38:32 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-07-19 16:38:30 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-07-19 16:38:30 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-07-19 15:37:47 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-07-19 15:37:47 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-07-19 15:37:45 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-07-19 15:37:45 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-07-19 15:37:40 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-07-19 15:37:40 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-07-19 15:37:40 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-07-19 15:37:40 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-07-19 15:37:39 ----A---- C:\Windows\system32\aswBoot.exe
2013-07-19 15:36:53 ----A---- C:\Windows\avastSS.scr
2013-07-19 15:36:43 ----D---- C:\Program Files\AVAST Software
2013-07-19 15:36:25 ----D---- C:\ProgramData\AVAST Software
2013-07-19 15:11:33 ----D---- C:\Program Files (x86)\Google
2013-07-19 15:08:41 ----D---- C:\Users\marce_000\AppData\Roaming\Skype
2013-07-19 15:08:36 ----RD---- C:\Program Files (x86)\Skype
2013-07-19 15:08:35 ----D---- C:\ProgramData\Skype
2013-07-19 14:56:00 ----D---- C:\Users\marce_000\AppData\Roaming\LowRateVoip
2013-07-19 14:55:49 ----D---- C:\Program Files (x86)\LowRateVoip.com
2013-07-19 14:53:26 ----D---- C:\Users\marce_000\AppData\Roaming\GRETECH
2013-07-19 14:53:22 ----D---- C:\Program Files (x86)\GRETECH
2013-07-19 14:47:37 ----A---- C:\Windows\system32\drivers\dtscsibus.sys
2013-07-19 14:47:35 ----D---- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Ultra
2013-07-19 14:47:32 ----D---- C:\Program Files (x86)\DAEMON Tools Ultra
2013-07-19 14:45:55 ----D---- C:\ProgramData\DAEMON Tools Ultra
2013-07-19 14:43:48 ----D---- C:\Users\marce_000\AppData\Roaming\Ashampoo
2013-07-19 14:43:09 ----D---- C:\ProgramData\Ashampoo
2013-07-19 14:32:33 ----A---- C:\prefs.js
2013-07-19 14:32:25 ----D---- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-19 14:32:23 ----D---- C:\Users\marce_000\AppData\Roaming\Apple Computer
2013-07-19 14:32:23 ----D---- C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-07-19 14:32:00 ----D---- C:\Users\marce_000\AppData\Roaming\IObit
2013-07-19 14:31:50 ----D---- C:\ProgramData\IObit
2013-07-19 14:31:50 ----D---- C:\Program Files (x86)\IObit
2013-07-19 14:29:23 ----D---- C:\Program Files (x86)\Adobe
2013-07-19 14:27:22 ----D---- C:\ProgramData\Adobe
2013-07-19 14:26:58 ----D---- C:\Users\marce_000\AppData\Roaming\Macromedia
2013-07-19 14:24:24 ----D---- C:\Users\marce_000\AppData\Roaming\uTorrent
2013-07-19 14:08:51 ----D---- C:\Users\marce_000\AppData\Roaming\Intel Corporation
2013-07-19 14:06:15 ----D---- C:\Users\marce_000\AppData\Roaming\Adobe
2013-07-19 14:00:20 ----D---- C:\Windows\SoftwareDistribution
2013-07-19 14:00:11 ----SD---- C:\Users\marce_000\AppData\Roaming\Microsoft

======List of files/folders modified in the last 1 month======

2013-08-14 11:51:18 ----RD---- C:\Program Files
2013-08-14 11:51:15 ----D---- C:\Windows\Prefetch
2013-08-14 11:50:49 ----RD---- C:\Windows\System32
2013-08-14 11:50:49 ----D---- C:\Windows\Inf
2013-08-14 11:50:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-14 11:49:38 ----A---- C:\Windows\SYSWOW64\log.txt
2013-08-14 11:49:23 ----D---- C:\Windows\Temp
2013-08-14 11:47:30 ----D---- C:\Windows\system32\catroot2
2013-08-14 11:46:18 ----D---- C:\Windows\system32\Drivers
2013-08-14 11:44:11 ----D---- C:\Windows\AUInstallAgent
2013-08-14 11:44:06 ----HD---- C:\Program Files\WindowsApps
2013-08-14 11:43:14 ----SHD---- C:\Windows\Installer
2013-08-14 11:43:09 ----D---- C:\Windows\Microsoft.NET
2013-08-14 11:42:42 ----RSD---- C:\Windows\assembly
2013-08-14 11:41:17 ----RD---- C:\Program Files (x86)
2013-08-14 11:41:17 ----D---- C:\Windows
2013-08-14 11:41:05 ----RSD---- C:\Windows\Fonts
2013-08-14 11:40:24 ----SD---- C:\ProgramData\Microsoft
2013-08-14 11:40:00 ----D---- C:\Program Files (x86)\Common Files
2013-08-14 11:39:59 ----D---- C:\Windows\SysWOW64
2013-08-14 11:39:01 ----D---- C:\Windows\ShellNew
2013-08-14 11:37:40 ----D---- C:\Program Files\Common Files\microsoft shared
2013-08-14 11:00:02 ----D---- C:\Windows\system32\sru
2013-08-14 10:54:00 ----D---- C:\Windows\system32\config
2013-08-14 10:53:59 ----D---- C:\Windows\WinSxS
2013-08-14 10:51:21 ----D---- C:\Windows\debug
2013-08-14 10:37:54 ----D---- C:\Windows\WinStore
2013-08-14 10:37:53 ----D---- C:\Windows\system32\oobe
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\lv-LV
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\lt-LT
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\it-IT
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\en-GB
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\el-GR
2013-08-14 10:37:49 ----D---- C:\Windows\SYSWOW64\de-DE
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\uk-UA
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\th-TH
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\sl-SI
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\ro-RO
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\he-IL
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\et-EE
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\es-ES
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\en-US
2013-08-14 10:37:48 ----D---- C:\Windows\SYSWOW64\ar-SA
2013-08-14 10:37:48 ----D---- C:\Windows\system32\tr-TR
2013-08-14 10:37:48 ----D---- C:\Windows\system32\el-GR
2013-08-14 10:37:47 ----D---- C:\Windows\system32\zh-TW
2013-08-14 10:37:47 ----D---- C:\Windows\system32\uk-UA
2013-08-14 10:37:47 ----D---- C:\Windows\system32\th-TH
2013-08-14 10:37:47 ----D---- C:\Windows\system32\sr-Latn-CS
2013-08-14 10:37:47 ----D---- C:\Windows\system32\sl-SI
2013-08-14 10:37:47 ----D---- C:\Windows\system32\sk-SK
2013-08-14 10:37:47 ----D---- C:\Windows\system32\ro-RO
2013-08-14 10:37:47 ----D---- C:\Windows\system32\pt-PT
2013-08-14 10:37:47 ----D---- C:\Windows\system32\pt-BR
2013-08-14 10:37:47 ----D---- C:\Windows\system32\pl-PL
2013-08-14 10:37:47 ----D---- C:\Windows\system32\nl-NL
2013-08-14 10:37:47 ----D---- C:\Windows\system32\lv-LV
2013-08-14 10:37:47 ----D---- C:\Windows\system32\lt-LT
2013-08-14 10:37:47 ----D---- C:\Windows\system32\it-IT
2013-08-14 10:37:47 ----D---- C:\Windows\system32\fr-FR
2013-08-14 10:37:47 ----D---- C:\Windows\system32\fi-FI
2013-08-14 10:37:47 ----D---- C:\Windows\system32\et-EE
2013-08-14 10:37:47 ----D---- C:\Windows\system32\en-US
2013-08-14 10:37:47 ----D---- C:\Windows\system32\en-GB
2013-08-14 10:37:47 ----D---- C:\Windows\system32\de-DE
2013-08-14 10:37:47 ----D---- C:\Windows\system32\ar-SA
2013-08-14 10:37:46 ----D---- C:\Windows\system32\zh-HK
2013-08-14 10:37:46 ----D---- C:\Windows\system32\zh-CN
2013-08-14 10:37:46 ----D---- C:\Windows\system32\sv-SE
2013-08-14 10:37:46 ----D---- C:\Windows\system32\ru-RU
2013-08-14 10:37:46 ----D---- C:\Windows\system32\he-IL
2013-08-14 10:37:46 ----D---- C:\Windows\system32\es-ES
2013-08-14 10:37:37 ----D---- C:\Program Files\Windows Defender
2013-08-14 10:37:31 ----D---- C:\Program Files (x86)\Windows Defender
2013-08-14 10:37:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-14 10:37:26 ----D---- C:\Program Files\Internet Explorer
2013-08-14 10:37:14 ----D---- C:\Windows\system32\DriverStore
2013-08-14 10:36:32 ----HD---- C:\ProgramData
2013-08-14 10:32:55 ----D---- C:\Windows\CbsTemp
2013-08-14 09:53:46 ----D---- C:\Windows\system32\wdi
2013-08-14 09:49:14 ----D---- C:\Windows\system32\Tasks
2013-08-13 11:08:10 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-08-13 11:08:10 ----D---- C:\Program Files (x86)\Windows Media Player
2013-08-13 11:08:10 ----D---- C:\Program Files (x86)\Windows Mail
2013-08-13 11:08:09 ----D---- C:\Program Files\Windows Media Player
2013-08-13 11:08:09 ----D---- C:\Program Files\Windows Mail
2013-08-13 11:08:08 ----D---- C:\Program Files\Windows Photo Viewer
2013-08-13 11:08:08 ----D---- C:\Program Files\Windows Journal
2013-08-13 11:08:07 ----D---- C:\Windows\servicing
2013-08-13 11:08:07 ----D---- C:\Windows\ja-JP
2013-08-13 11:07:52 ----D---- C:\Windows\SYSWOW64\winrm
2013-08-13 11:07:52 ----D---- C:\Windows\SYSWOW64\oobe
2013-08-13 11:07:52 ----D---- C:\Windows\SYSWOW64\migwiz
2013-08-13 11:07:52 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\XPSViewer
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\WCN
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\sysprep
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\slmgr
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\migration
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\drivers\UMDF
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\drivers
2013-08-13 11:07:47 ----D---- C:\Windows\SYSWOW64\Dism
2013-08-13 11:07:46 ----D---- C:\Windows\SYSWOW64\wbem
2013-08-13 11:07:46 ----D---- C:\Windows\SYSWOW64\Com
2013-08-13 11:07:44 ----RD---- C:\Windows\ImmersiveControlPanel
2013-08-13 11:07:44 ----D---- C:\Windows\system32\winrm
2013-08-13 11:07:44 ----D---- C:\Windows\system32\migwiz
2013-08-13 11:07:44 ----D---- C:\Windows\system32\ja-JP
2013-08-13 11:07:22 ----D---- C:\Windows\system32\Sysprep
2013-08-13 11:07:22 ----D---- C:\Windows\system32\slmgr
2013-08-13 11:07:22 ----D---- C:\Windows\system32\migration
2013-08-13 11:07:22 ----D---- C:\Windows\system32\Boot
2013-08-13 11:07:20 ----D---- C:\Windows\system32\WCN
2013-08-13 11:07:20 ----D---- C:\Windows\system32\drivers\UMDF
2013-08-13 11:07:20 ----D---- C:\Windows\system32\Dism
2013-08-13 11:07:13 ----D---- C:\Windows\system32\wbem
2013-08-13 11:07:13 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2013-08-13 11:07:11 ----D---- C:\Windows\system32\SystemResetPlatform
2013-08-13 11:07:11 ----D---- C:\Windows\system32\Com
2013-08-13 11:06:33 ----D---- C:\Program Files\Common Files\System
2013-08-13 11:06:10 ----D---- C:\Windows\SYSWOW64\MUI
2013-08-13 11:06:09 ----D---- C:\Windows\SYSWOW64\da-DK
2013-08-13 11:06:00 ----D---- C:\Windows\PolicyDefinitions
2013-08-13 11:05:59 ----D---- C:\Windows\system32\MUI
2013-08-13 11:05:52 ----D---- C:\Windows\system32\da-DK
2013-08-13 11:05:27 ----D---- C:\Windows\apppatch
2013-08-13 11:04:26 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-08-13 11:04:12 ----D---- C:\Windows\nb-NO
2013-08-13 11:04:06 ----D---- C:\Windows\system32\nb-NO
2013-08-11 09:31:42 ----D---- C:\Windows\system32\NDF
2013-08-04 16:25:56 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-28 19:28:42 ----D---- C:\Windows\rescache
2013-07-28 18:37:05 ----D---- C:\Windows\Cursors
2013-07-27 18:47:44 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-07-26 17:01:13 ----D---- C:\Windows\SYSWOW64\hr-HR
2013-07-26 17:00:45 ----D---- C:\Windows\system32\hr-HR
2013-07-26 16:58:18 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-07-26 16:57:47 ----D---- C:\Windows\system32\cs-CZ
2013-07-26 16:53:27 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-07-26 16:53:25 ----D---- C:\Windows\system32\ko-KR
2013-07-25 13:46:16 ----D---- C:\Windows\system32\LogFiles
2013-07-24 09:53:07 ----D---- C:\ProgramData\Norton
2013-07-24 09:26:03 ----D---- C:\Windows\system32\catroot
2013-07-24 09:22:42 ----RD---- C:\Windows\ToastData
2013-07-23 14:56:04 ----D---- C:\Windows\twain_32
2013-07-22 14:44:47 ----D---- C:\Windows\Logs
2013-07-22 11:58:31 ----D---- C:\ProgramData\PRICache
2013-07-22 11:15:00 ----D---- C:\Windows\fr-FR
2013-07-22 11:14:10 ----D---- C:\Windows\SYSWOW64\drivers\fr-FR
2013-07-22 11:13:26 ----D---- C:\Windows\system32\drivers\fr-FR
2013-07-22 11:13:25 ----D---- C:\Windows\system32\fr
2013-07-22 11:12:42 ----D---- C:\Windows\SYSWOW64\bg-BG
2013-07-22 11:12:19 ----D---- C:\Windows\system32\bg-BG
2013-07-22 11:09:54 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-07-22 11:08:26 ----D---- C:\Windows\system32\hu-HU
2013-07-22 00:00:01 ----D---- C:\Windows\Panther
2013-07-20 09:34:41 ----D---- C:\Program Files\Common Files
2013-07-19 22:57:18 ----D---- C:\Windows\SYSWOW64\NV
2013-07-19 22:57:17 ----D---- C:\Windows\system32\NV
2013-07-19 22:57:16 ----D---- C:\ProgramData\NVIDIA
2013-07-19 22:47:02 ----D---- C:\Windows\system32\Recovery
2013-07-19 16:39:11 ----SHD---- C:\$Recycle.Bin
2013-07-19 15:27:26 ----HD---- C:\Windows\ELAMBKUP
2013-07-19 15:11:35 ----D---- C:\Windows\Tasks
2013-07-19 14:27:42 ----D---- C:\Windows\system32\restore
2013-07-19 14:00:11 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys [2012-11-30 425192]
R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys [2012-07-26 77040]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-07-19 189936]
R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys [2012-07-26 361200]
R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2012-11-30 562392]
R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys [2012-07-26 102640]
R0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\Windows\System32\drivers\EhStorClass.sys [2012-07-26 81136]
R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys [2012-07-26 71920]
R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys [2012-07-26 374512]
R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2012-11-30 465128]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-11-30 100072]
R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2012-11-30 172264]
R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys [2012-07-26 93936]
R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys [2012-07-26 17136]
R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys [2012-07-26 83696]
R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys [2013-06-16 997632]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-11-28 30056]
R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys [2013-01-10 91880]
R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys [2012-07-26 234224]
R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2012-07-26 52464]
R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys [2013-03-02 69864]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-07-26 217328]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys [2013-05-04 284416]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2013-08-14 2233168]
R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys [2012-07-26 36080]
R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\Windows\System32\drivers\volmgr.sys [2012-07-26 83184]
R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 378608]
R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2013-06-01 327936]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\Windows\system32\drivers\Wdf01000.sys [2013-01-10 785504]
R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\Windows\system32\DRIVERS\wfplwfs.sys [2013-08-14 96512]
R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys [2012-11-06 560640]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2013-05-09 131232]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 22600]
R1 aswNdisFlt;@oem22.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2013-05-09 276992]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-07-19 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-07-19 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640]
R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys [2012-07-26 29696]
R1 Beep;Beep; C:\Windows\system32\drivers\Beep.sys [2012-07-26 7680]
R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys [2012-07-26 174080]
R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys [2012-07-26 118784]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2012-07-26 50688]
R1 Msfs;Msfs; C:\Windows\system32\drivers\Msfs.sys [2012-07-26 26112]
R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys [2012-07-26 37616]
R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys [2012-07-26 46080]
R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys [2012-07-26 331776]
R1 Npfs;Npfs; C:\Windows\system32\drivers\Npfs.sys [2012-07-26 49152]
R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys [2012-07-26 23552]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2012-07-26 34304]
R1 Null;Null; C:\Windows\system32\drivers\Null.sys [2012-07-26 5632]
R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys [2012-07-26 145408]
R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2012-07-26 117248]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2012-07-26 134144]
R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520]
R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys [2012-07-26 97792]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2013-04-09 805376]
R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848]
R2 secdrv;Security Driver; C:\Windows\system32\drivers\secdrv.sys [2012-07-26 23040]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2012-07-26 45056]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2012-07-26 101888]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btmaux;@oem14.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-08-27 121728]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys [2012-07-26 25600]
R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys [2012-07-26 36352]
R3 condrv;Console Driver; C:\Windows\System32\drivers\condrv.sys [2012-07-26 33792]
R3 dtscsibus;DAEMON Tools Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtscsibus.sys [2013-07-19 29696]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2013-04-16 1455368]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-11-28 295760]
R3 fastfat;FAT12/16/32 File System Driver; C:\Windows\system32\drivers\fastfat.sys [2012-07-26 210672]
R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys [2012-11-30 71168]
R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys [2013-03-15 861184]
R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys [2012-07-26 112640]
R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-28 9004384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-11-28 4142864]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-11-28 342528]
R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys [2012-11-06 89088]
R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys [2012-07-26 48368]
R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432]
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [2012-07-26 21376]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-11-28 62784]
R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\Windows\System32\drivers\monitor.sys [2013-03-01 30720]
R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys [2012-07-26 45808]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2012-11-30 74752]
R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys [2013-02-05 370688]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2013-02-05 215552]
R3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys [2012-07-26 10752]
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys [2012-11-30 25088]
R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880]
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
R3 NDProxy;NDIS Proxy; C:\Windows\system32\drivers\NDProxy.sys [2013-04-09 60416]
R3 NETwNe64;@oem7.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\Windows\system32\DRIVERS\NETwew00.sys [2012-11-28 4293672]
R3 Ntfs;Ntfs; C:\Windows\system32\drivers\Ntfs.sys [2013-02-02 1933544]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2010-01-18 14136]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-11-28 13425512]
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176]
R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608]
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928]
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672]
R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys [2012-07-26 22528]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-11-28 683664]
R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys [2012-07-26 416768]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2013-04-09 623104]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2012-11-30 12288]
R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys [2012-07-26 13680]
R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504]
R3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys [2013-06-01 213248]
R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys [2012-07-26 48128]
R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys [2012-11-30 79080]
R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver; C:\Windows\System32\drivers\usbhub.sys [2013-02-02 496872]
R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys [2013-05-04 446720]
R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS [2013-06-01 337152]
R3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2012-07-26 24064]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys [2012-07-26 106736]
S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys [2012-07-26 492272]
S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys [2012-07-26 340720]
S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys [2012-07-26 184048]
S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys [2012-07-26 63216]
S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys [2012-07-26 76016]
S0 amdsbs;amdsbs; C:\Windows\System32\drivers\amdsbs.sys [2012-07-26 258288]
S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys [2012-07-26 26352]
S0 arc;arc; C:\Windows\System32\drivers\arc.sys [2012-07-26 104688]
S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys [2012-07-26 108272]
S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 25840]
S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys [2012-11-30 533224]
S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys [2012-11-30 3265256]
S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904]
S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\System32\drivers\gagp30kx.sys [2012-07-26 66800]
S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [2012-07-26 64752]
S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2012-07-26 24816]
S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys [2012-07-26 411888]
S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys [2012-07-26 45296]
S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys [2012-07-26 18672]
S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys [2012-07-26 22256]
S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [2012-07-26 108784]
S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400]
S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976]
S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [2012-07-26 81136]
S0 megasas;megasas; C:\Windows\System32\drivers\megasas.sys [2012-07-26 51952]
S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys [2012-07-26 353008]
S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys [2012-07-26 64240]
S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys [2012-07-26 52464]
S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys [2012-07-26 125168]
S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys [2012-07-26 150256]
S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys [2012-07-26 168176]
S0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 14064]
S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 237808]
S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys [2012-07-26 107760]
S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784]
S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [2012-07-26 81648]
S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys [2012-07-26 30960]
S0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys [2013-03-02 77544]
S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160]
S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys [2012-07-26 37992]
S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\Windows\System32\drivers\uagp35.sys [2012-07-26 65776]
S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys [2012-07-26 66800]
S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys [2012-07-26 19184]
S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys [2012-07-26 137832]
S0 vsmraid;vsmraid; C:\Windows\System32\drivers\vsmraid.sys [2012-07-26 164080]
S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\Windows\System32\drivers\vstxraid.sys [2012-07-26 322800]
S0 Wd;@wd.inf,%WdServiceDisplayName%;Microsoft Watchdog Timer Driver; C:\Windows\System32\drivers\wd.sys [2012-07-26 23792]
S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys [2012-11-30 58088]
S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys [2012-07-26 226304]
S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys [2012-07-26 10240]
S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys [2012-07-26 12288]
S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys [2012-07-26 10752]
S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys [2012-11-06 90624]
S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys [2012-11-06 88064]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2012-07-26 79360]
S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624]
S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys [2012-07-26 65536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys [2012-07-26 45056]
S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys [2012-07-26 33280]
S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2012-11-30 5632]
S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys [2012-07-26 10240]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2012-07-26 194560]
S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys [2012-07-26 30720]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2012-07-26 34816]
S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys [2012-07-26 24576]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2012-07-26 57584]
S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys [2012-11-06 22528]
S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\Windows\System32\drivers\vmgencounter.sys [2012-07-26 12288]
S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys [2013-08-14 120144]
S3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2013-08-14 341504]
S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys [2012-07-26 27136]
S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys [2013-04-09 95744]
S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys [2012-11-20 39936]
S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys [2012-07-26 46080]
S3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys [2013-04-09 27648]
S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [2012-07-26 11776]
S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2011-12-12 17936]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088]
S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336]
S3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys [2012-07-26 145920]
S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys [2012-07-26 17920]
S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys [2012-11-06 277736]
S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys [2012-07-26 29184]
S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys [2012-07-26 40448]
S3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys [2013-03-02 26112]
S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys [2012-07-26 141312]
S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2012-07-26 129536]
S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704]
S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008]
S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608]
S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168]
S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2012-07-26 6912]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2012-07-26 390896]
S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2012-07-26 8192]
S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys [2012-07-26 14848]
S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592]
S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464]
S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]
S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys [2012-07-26 105984]
S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys [2012-11-06 87552]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2012-07-26 46592]
S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384]
S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys [2012-07-26 179712]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-30 27880]
S3 RDPWD;RDP Winstation Driver; C:\Windows\system32\drivers\RDPWD.sys [2012-07-26 208384]
S3 RSUSBSTOR;@oem11.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-11-28 252048]
S3 s3cap;s3cap; C:\Windows\System32\drivers\vms3cap.sys [2012-07-26 7168]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864]
S3 sdbus;sdbus; C:\Windows\System32\drivers\sdbus.sys [2013-08-14 195416]
S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\Windows\System32\drivers\sdstor.sys [2012-11-30 56552]
S3 SerCx;Serial UART Support Library; C:\Windows\system32\drivers\SerCx.sys [2012-07-26 62976]
S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\Windows\System32\drivers\serenum.sys [2012-07-26 23040]
S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\Windows\System32\drivers\serial.sys [2012-07-26 76800]
S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\Windows\System32\drivers\sermouse.sys [2012-07-26 27136]
S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\Windows\System32\drivers\sfloppy.sys [2012-07-26 16896]
S3 SpbCx;Simple Peripheral Bus Support Library; C:\Windows\system32\drivers\SpbCx.sys [2012-07-26 59392]
S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2013-08-14 2233168]
S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\Windows\System32\drivers\terminpt.sys [2012-07-26 36592]
S3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys [2013-03-02 148712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-07-26 57344]
S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\Windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208]
S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\Windows\System32\drivers\uaspstor.sys [2012-07-26 97008]
S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\Windows\System32\drivers\umpass.sys [2012-07-26 11776]
S3 USBAAPL64;@oem17.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\Windows\System32\drivers\usbccgp.sys [2012-07-26 120832]
S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\Windows\System32\drivers\usbcir.sys [2012-07-26 99328]
S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\System32\drivers\usbohci.sys [2012-11-20 27136]
S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\Windows\System32\drivers\usbprint.sys [2012-07-26 25600]
S3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\Windows\System32\drivers\USBSTOR.SYS [2013-08-14 119040]
S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\System32\drivers\usbuhci.sys [2012-11-30 32256]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-11-30 210304]
S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\Windows\system32\drivers\VerifierExt.sys [2012-07-26 106224]
S3 vhdmp;vhdmp; C:\Windows\System32\drivers\vhdmp.sys [2013-03-02 495336]
S3 VMBusHID;VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [2012-07-26 22144]
S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\Windows\System32\drivers\vpci.sys [2012-07-26 67824]
S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\Windows\System32\drivers\wacompen.sys [2012-07-26 27008]
S3 Wanarp;@%systemroot%\system32\rascfg.dll,-32011; C:\Windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]
S3 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\Windows\system32\drivers\WdBoot.sys [2013-08-14 36288]
S3 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\Windows\system32\drivers\WdFilter.sys [2013-08-14 247216]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2012-07-26 33520]
S4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544]
S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys [2013-08-14 321536]

iasak1982 · #3 Příspěvek od **iasak1982** » 14 srp 2013 12:00

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-05-09 137960]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-02 14904]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-11-28 165760]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-11-28 276864]
R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2012-09-13 160768]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-05-23 142904]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-08-28 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-11-28 1258856]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-25 75136]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-11-28 201360]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2012-11-30 35840]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2012-07-26 769024]
R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-28 364416]
R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-11-30 35840]
R3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-11-30 29696]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2012-11-30 29696]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/11/29 17:56:09; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2012-05-23 243728]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-19 116648]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2012-07-26 4881408]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2012-07-26 94208]
S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 10752]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-11-28 276288]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 Disc Soft Bus Service;Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-06-25 632352]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-11-30 35840]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 669696]
S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-19 116648]
S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 144384]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 124416]
S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2013-05-15 98304]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 40960]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2012-11-30 35840]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2013-06-01 680960]
S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2013-05-04 1483776]
S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2012-07-26 1616896]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-08-14 16048]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S4 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S4 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S4 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S4 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-11-30 35840]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]
S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-11-30 29696]
S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-11-30 29696]
S4 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 14848]

-----------------EOF-----------------

iasak1982 · #4 Příspěvek od **iasak1982** » 15 srp 2013 21:28

Prepacte ze som otravny, ja sa len chcem spytat , ze ci sa na to niekto pozrie, ak nie tak to zamknite. Viem, ze mate plno prace aj mimo toho fora. Dakujem a ostavam s pozdravom.

#5 Příspěvek od **vyosek** » 16 srp 2013 06:47

Zdravim

Jak jste si sam odpovidal, tak nam to zapadlo

Odinstalujte Advanced SystemCare a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Clean
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[?].txt, ten sem vlozte

iasak1982 · #6 Příspěvek od **iasak1982** » 16 srp 2013 08:20

Dobry den, vsetko od iobitu som odinstaloval a vkladam sem ten log o ktory ste ziadali, problem mam taktiez s tym ze som odinstaloval avast z pocitaca a stale mi ukazuje ze chrani pc, dakujem za vasu pomoc.

# AdwCleaner v2.306 - Log vytvorený 16/08/2013 o 08:14:56
# Aktualizované 19/07/2013 Xplode
# Operaený systém : Windows 8 (64 bits)
# Uživateľ : Marcel - MARCEL
# Spustený systém : Normálny
# Spustené z : C:\Users\marce_000\Downloads\adwcleaner.exe
# Voľba [Prehľada?]

***** [Služby] *****

***** [Súbory / Adresáre] *****

Adresár Nájdené : C:\Program Files (x86)\Common Files\spigot

***** [Registre] *****

Kľúe Nájdené : HKCU\Software\AppDataLow\Software\Search Settings

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Registre sú eisté.

-\\ Google Chrome v28.0.1500.95

Súbor : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

Súbor : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

Súbor : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

Súbor : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R2].txt - [1122 octets] - [16/08/2013 08:14:56]

########## EOF - C:\AdwCleaner[R2].txt - [1182 octets] ##########

#7 Příspěvek od **vyosek** » 16 srp 2013 22:59

Pouzijte toto http://files.avast.com/files/eng/aswclear.exe

Stahnete SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe

Ulozte nejlepe na Plochu
Spustte tradicne dvouklikem a postupujte dle pokynu utility
Po dokonceni skenu se vytvori a otevre log, ten mi sem vlozte

iasak1982 · #8 Příspěvek od **iasak1982** » 17 srp 2013 11:15

Zdravim, po odstraneni avastu mi dlhsie nesiel internet, napokon som ho spojazdnil, cudne bolo ze na druhom pc pripojenom sietovym kablom siel a aj na telefone pripojenom wifi tiez siel, prikladam sem ten log o ktory si ziadal, dakujem. Este som sa chcel spytat ci mi bude windows defender ako ochrana v pc stacit, mam podozrenie ze medzi WD a avastom vznikla nejaka kolizia, predtym som mal podobny problem s esetom ale to bolo este horsie. Windows defender bol sucastou win 8 a myslim ze je to ako Microsoft Security Essentials pretoze ked som chcel stiahnut MSE tak mi ukazovalo ze uz je sucastou.

Results of screen317's Security Check version 0.99.72
x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Reader XI
Google Chrome 28.0.1500.72
Google Chrome 28.0.1500.95
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MsMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

#9 Příspěvek od **vyosek** » 18 srp 2013 21:01

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

iasak1982 · #10 Příspěvek od **iasak1982** » 19 srp 2013 12:26

OTL logfile created on: 19/08/2013 10:24:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\marce_000\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000809 | Country: Spojené kráľovstvo | Language: ENG | Date Format: dd/MM/yyyy

7.89 Gb Total Physical Memory | 5.89 Gb Available Physical Memory | 74.65% Memory free
15.89 Gb Paging File | 13.43 Gb Available in Paging File | 84.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 588.63 Gb Total Space | 415.06 Gb Free Space | 70.51% Space Free | Partition Type: NTFS
Drive D: | 321.26 Gb Total Space | 320.72 Gb Free Space | 99.83% Space Free | Partition Type: NTFS
Drive F: | 2.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MARCEL | User Name: Marcel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/08/19 10:21:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\marce_000\Downloads\OTL.exe
PRC - [2013/07/25 13:46:17 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/07/25 01:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/28 17:34:13 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/11/28 17:34:13 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/11/28 17:34:11 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/11/28 17:34:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/09/13 19:26:04 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\SCM\MSIService.exe
PRC - [2012/09/06 13:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/09/02 03:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/08/27 17:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/05/23 01:14:08 | 000,142,904 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
PRC - [2012/05/23 01:14:06 | 000,502,328 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe

========== Modules (No Company Name) ==========

MOD - [2013/07/25 01:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 01:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/25 01:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 01:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 01:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 01:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/28 17:33:57 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/08/14 10:32:34 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/08/14 10:28:49 | 000,016,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 05:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/10 00:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/30 01:10:26 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/11/30 01:09:48 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/11/30 01:09:44 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/11/28 17:34:21 | 000,201,360 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:64bit: - [2012/07/26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/06/20 04:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/07/25 13:46:17 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/30 01:09:44 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/11/28 17:34:13 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/11/28 17:34:13 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/11/28 17:34:11 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/11/28 17:34:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/28 17:33:51 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/13 19:26:04 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\SCM\MSIService.exe -- (Micro Star SCM)
SRV - [2012/09/06 13:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/09/02 03:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/08/27 17:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/05/23 17:48:42 | 000,243,728 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2012/05/23 01:14:08 | 000,142,904 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/17 13:28:51 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/08/14 10:32:34 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/08/14 10:32:34 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/14 10:32:34 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/08/14 10:28:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/14 10:28:49 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/19 15:38:11 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/06/01 12:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/06/01 12:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/09 09:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/04 08:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/05/04 08:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 11:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/30 01:17:17 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/11/30 01:17:15 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/11/30 01:17:15 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2012/11/30 01:12:59 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/11/30 01:09:44 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/11/30 01:09:44 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/11/28 17:34:31 | 000,295,760 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/11/28 17:34:26 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/11/28 17:34:25 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/11/28 17:34:12 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/11/28 17:34:07 | 004,293,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012/11/28 17:33:59 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/11/28 17:33:45 | 009,004,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/11/28 17:33:43 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/11/27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/09/02 03:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/29 17:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/08/27 17:48:12 | 000,121,728 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/06 20:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012/07/26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 03:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 03:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV - [2011/12/12 22:45:08 | 000,017,936 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys -- (ipadtst)
DRV - [2010/01/18 19:36:44 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{BDED8663-1C27-42B7-86E4-0B859B2832B9}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{BDED8663-1C27-42B7-86E4-0B859B2832B9}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAMIJS;

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.search.yahoo.com?type=114576&fr=spigot-yhp-ie
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\..\SearchScopes\{2A97684D-EE44-489B-A131-AF7E7656A75D}: "URL" = http://uk.search.yahoo.com/search?fr=ch ... earchTerms}
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

O1 HOSTS File: ([2012/07/26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Radio Manager] C:\Program Files (x86)\SCM\Radio Manager.exe (MSI)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SCM] C:\Program Files (x86)\SCM\SCM.exe (MSI)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-2088791548-2596210193-3422292274-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DC27B00-3052-44A7-AE04-7625BA0C595B}: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FAA1ABC-A6AE-4475-AB01-43D3E4A3C6A0}: DhcpNameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B549F593-0BD0-4C5E-A7F7-2F9443F7F5FC}: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E07D83B9-0AE8-494F-A6B2-BA26661322E1}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/10/28 12:16:13 | 000,000,084 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3e35f77f-0724-11e3-be9c-0cd2923ddab4}\Shell - "" = AutoRun
O33 - MountPoints2\{3e35f77f-0724-11e3-be9c-0cd2923ddab4}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2012/10/29 18:05:02 | 004,689,482 | R--- | M] (EA Games )
O33 - MountPoints2\{7ee7fe7f-f07f-11e2-be7b-0cd2923ddab4}\Shell - "" = AutoRun
O33 - MountPoints2\{7ee7fe7f-f07f-11e2-be7b-0cd2923ddab4}\Shell\AutoRun\command - "" = "F:\.autorun\autorun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

Drivers32:64bit: msacm.ac3filter - ac3filter64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/08/17 16:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2013/08/17 16:47:11 | 000,000,000 | ---D | C] -- C:\Fraps
[2013/08/17 13:57:28 | 000,000,000 | ---D | C] -- C:\Users\marce_000\Documents\Criterion Games
[2013/08/17 13:28:51 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/08/17 13:28:48 | 000,000,000 | ---D | C] -- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Lite
[2013/08/17 13:28:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/08/17 13:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/08/16 12:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/08/16 12:42:04 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013/08/16 12:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/08/16 12:41:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/08/16 12:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/08/16 12:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/08/14 11:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/08/14 11:51:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013/08/14 10:36:42 | 000,000,000 | ---D | C] -- C:\Users\marce_000\AppData\Roaming\Malwarebytes
[2013/08/14 10:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/14 10:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/14 10:36:31 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/08/14 10:36:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/14 10:32:34 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2013/08/14 10:32:34 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2013/08/14 10:32:34 | 001,300,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/08/14 10:32:34 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/08/14 10:32:34 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/08/14 10:32:34 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/08/14 10:32:34 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/08/14 10:32:34 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2013/08/14 10:32:34 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2013/08/14 10:32:34 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2013/08/14 10:32:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/08/14 10:32:34 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2013/08/14 10:32:34 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/08/14 10:32:34 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
[2013/08/14 10:32:34 | 000,327,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013/08/14 10:32:34 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2013/08/14 10:32:34 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/08/14 10:32:34 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmsvc.dll
[2013/08/14 10:32:34 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2013/08/14 10:32:34 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/08/14 10:32:34 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2013/08/14 10:32:34 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013/08/14 10:32:34 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
[2013/08/14 10:32:34 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
[2013/08/14 10:32:34 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013/08/14 10:32:34 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
[2013/08/14 10:32:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2013/08/14 10:32:34 | 000,096,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2013/08/14 10:32:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\openfiles.exe
[2013/08/14 10:32:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
[2013/08/14 10:32:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\openfiles.exe
[2013/08/14 10:28:49 | 000,247,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2013/08/14 10:28:49 | 000,036,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2013/08/14 10:27:00 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 10:27:00 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/08/14 10:27:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/14 10:27:00 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/14 10:27:00 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/14 10:27:00 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/14 10:27:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/14 10:27:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/14 10:27:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/14 10:27:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013/08/14 10:27:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/14 10:27:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013/08/14 10:27:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/14 10:27:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/14 10:25:54 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/14 10:24:45 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/14 10:24:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/14 10:24:45 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apprepapi.dll
[2013/08/14 10:24:45 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apprepsync.dll
[2013/08/14 10:24:45 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepapi.dll
[2013/08/14 10:24:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepsync.dll
[2013/08/13 11:53:42 | 000,276,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013/08/19 10:27:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/08/19 10:16:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/19 09:20:23 | 000,788,984 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013/08/19 09:20:23 | 000,786,784 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013/08/19 09:20:23 | 000,786,588 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013/08/19 09:20:23 | 000,782,014 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/08/19 09:20:23 | 000,777,732 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2013/08/19 09:20:23 | 000,769,726 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2013/08/19 09:20:23 | 000,763,854 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2013/08/19 09:20:23 | 000,742,838 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/08/19 09:20:23 | 000,713,560 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2013/08/19 09:20:23 | 000,711,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/19 09:20:23 | 000,703,484 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2013/08/19 09:20:23 | 000,661,552 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/08/19 09:20:23 | 000,542,830 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2013/08/19 09:20:23 | 000,438,200 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013/08/19 09:20:23 | 000,427,352 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2013/08/19 09:20:23 | 000,423,880 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2013/08/19 09:20:23 | 000,422,458 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2013/08/19 09:20:23 | 000,409,156 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2013/08/19 09:20:23 | 000,162,890 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013/08/19 09:20:23 | 000,160,510 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2013/08/19 09:20:23 | 000,159,932 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013/08/19 09:20:23 | 000,159,122 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013/08/19 09:20:23 | 000,158,362 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2013/08/19 09:20:23 | 000,155,896 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/08/19 09:20:23 | 000,155,144 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2013/08/19 09:20:23 | 000,153,144 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/08/19 09:20:23 | 000,149,444 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2013/08/19 09:20:23 | 000,147,116 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2013/08/19 09:20:23 | 000,133,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/19 09:20:23 | 000,133,088 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2013/08/19 09:20:23 | 000,133,088 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013/08/19 09:20:23 | 000,128,186 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/08/19 09:20:23 | 000,089,394 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2013/08/19 09:20:23 | 000,081,986 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2013/08/19 09:20:23 | 000,065,162 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2013/08/19 09:20:23 | 000,065,162 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2013/08/19 09:20:22 | 014,033,590 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/19 08:32:58 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/18 12:16:50 | 000,000,035 | ---- | M] () -- C:\Users\marce_000\AppData\Roaming\mbam.context.scan
[2013/08/17 16:47:14 | 000,000,572 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/08/17 13:44:16 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed Most Wanted.lnk
[2013/08/17 13:28:59 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/08/17 13:28:51 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/08/17 11:03:51 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013/08/17 11:03:29 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/08/17 11:03:26 | 2484,211,711 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/17 09:04:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/16 12:42:10 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/16 08:26:05 | 000,352,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/14 10:36:33 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/14 10:32:34 | 002,839,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2013/08/14 10:32:34 | 002,273,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2013/08/14 10:32:34 | 001,300,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/08/14 10:32:34 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013/08/14 10:32:34 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/08/14 10:32:34 | 000,778,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013/08/14 10:32:34 | 000,702,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/08/14 10:32:34 | 000,543,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2013/08/14 10:32:34 | 000,439,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2013/08/14 10:32:34 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2013/08/14 10:32:34 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/08/14 10:32:34 | 000,387,583 | ---- | M] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/08/14 10:32:34 | 000,385,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2013/08/14 10:32:34 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/08/14 10:32:34 | 000,370,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
[2013/08/14 10:32:34 | 000,327,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013/08/14 10:32:34 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2013/08/14 10:32:34 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/08/14 10:32:34 | 000,263,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wcmsvc.dll
[2013/08/14 10:32:34 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2013/08/14 10:32:34 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/08/14 10:32:34 | 000,230,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2013/08/14 10:32:34 | 000,195,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013/08/14 10:32:34 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
[2013/08/14 10:32:34 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
[2013/08/14 10:32:34 | 000,125,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013/08/14 10:32:34 | 000,120,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
[2013/08/14 10:32:34 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2013/08/14 10:32:34 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2013/08/14 10:32:34 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\openfiles.exe
[2013/08/14 10:32:34 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
[2013/08/14 10:32:34 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\openfiles.exe
[2013/08/14 10:28:49 | 000,247,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2013/08/14 10:28:49 | 000,036,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2013/08/14 10:27:00 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 10:27:00 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/08/14 10:27:00 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/14 10:27:00 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/14 10:27:00 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/14 10:27:00 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/14 10:27:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/14 10:27:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/14 10:27:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/14 10:27:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013/08/14 10:27:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/14 10:27:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013/08/14 10:27:00 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/14 10:27:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/14 10:25:54 | 001,314,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/14 10:24:45 | 001,889,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/14 10:24:45 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/14 10:24:45 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apprepapi.dll
[2013/08/14 10:24:45 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apprepsync.dll
[2013/08/14 10:24:45 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepapi.dll
[2013/08/14 10:24:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepsync.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/19 10:27:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/08/18 12:16:50 | 000,000,035 | ---- | C] () -- C:\Users\marce_000\AppData\Roaming\mbam.context.scan
[2013/08/17 16:47:14 | 000,000,572 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/08/17 13:44:16 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed Most Wanted.lnk
[2013/08/17 13:28:59 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/08/16 12:42:10 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/14 11:45:42 | 000,352,632 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/14 10:36:33 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/14 10:32:34 | 000,387,583 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/07/25 13:46:18 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/07/23 14:54:03 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/07/19 18:01:02 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/11/30 02:26:59 | 018,657,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/11/30 01:09:48 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012/11/28 17:33:47 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/11/28 17:33:44 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/11/28 17:33:44 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/07/26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/20 03:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/06/02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013/07/19 16:38:28 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 07:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 06:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/04 17:21:23 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/08/04 17:21:23 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013/07/25 23:22:38 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Ashampoo
[2013/08/17 13:29:24 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Lite
[2013/07/19 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Ultra
[2013/08/14 10:35:52 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\IObit
[2013/07/19 16:41:56 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Leadertech
[2013/07/28 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\LowRateVoip
[2013/07/25 13:46:15 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\PunkBuster
[2013/07/27 18:31:32 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\TeamViewer
[2013/08/18 00:04:24 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\uTorrent
[2013/08/09 17:53:19 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\wargaming.net

========== Purity Check ==========

========== Custom Scans ==========

< >
[2012/07/26 08:22:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/07/19 15:11:34 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/07/19 15:11:35 | 000,000,956 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\drivers\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2013/05/15 03:34:57 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=0695081E4C1F80D432B3CB7E960501A2 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe
[2012/07/26 04:20:43 | 000,792,064 | ---- | M] (Microsoft Corporation) MD5=55653D86D712641DB6930FAB64F452FF -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2013/08/08 08:59:24 | 000,000,596 | ---- | M] () MD5=DF2C8845F32E9AFE657C138229A8F0D7 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2013/08/08 08:59:23 | 000,040,790 | ---- | M] () MD5=E43F37042AC3075B86A0A14EED33DC34 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\SysNative\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe

< MD5 for: CDROM.SYS >
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\drivers\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2012/11/30 01:17:29 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=0AD19A3CA61271BA872AD90771BA47DC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2013/06/01 11:17:57 | 002,116,520 | ---- | M] (Microsoft Corporation) MD5=15C505AD0118275E7363A539009EF3AF -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2013/08/11 16:47:40 | 000,220,321 | ---- | M] () MD5=2B094947B7DD34CE7BE17B06F7DF7A23 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2012/07/26 04:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2012/11/30 01:17:29 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2013/08/11 16:47:38 | 000,220,310 | ---- | M] () MD5=BC25C0DA803DAB120CD4B2D08FCBD34E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2013/08/11 16:47:42 | 000,217,360 | ---- | M] () MD5=CEA1AC59C24D16B76997E9F848A65BC5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2013/08/11 16:47:36 | 000,221,955 | ---- | M] () MD5=E54FEA1FC6B85BEF83E63B23465E670E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe

< MD5 for: HAL.DLL >
[2013/08/11 16:48:41 | 000,001,298 | ---- | M] () MD5=47439EC72C6506ABA96C53A51FBCEF68 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16420_none_042f7a4ee3415d71\hal.dll
[2013/08/11 16:48:40 | 000,012,277 | ---- | M] () MD5=A7842BCBAF0FA21204B653772C0EED84 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16399_none_03eccb8ee37207f0\hal.dll
[2013/08/11 16:48:40 | 000,008,477 | ---- | M] () MD5=C4D6FAF03E854BC69B112E72B36F53B1 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16405_none_044a1b98e32ca442\hal.dll
[2013/08/11 16:48:42 | 000,002,020 | ---- | M] () MD5=E6B387E2EDD6BE1E168FA2E292DEDB83 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20544_none_04a77869fc6b9a79\hal.dll
[2013/08/11 16:48:41 | 000,001,310 | ---- | M] () MD5=EAA09F220AC43AFDD1275CEDB42725D4 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20521_none_04ba1763fc5e1692\hal.dll
[2012/11/30 01:19:56 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\Windows\SysNative\hal.dll
[2012/11/30 01:19:56 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16442_none_041bdb0ae34fc801\hal.dll
[2013/08/11 16:48:40 | 000,011,988 | ---- | M] () MD5=FA8A971FCA6246572079AF3DA831B2D9 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16384_none_03f29a08e36e6d4c\hal.dll

iasak1982 · #11 Příspěvek od **iasak1982** » 19 srp 2013 12:40

< MD5 for: SCECLI.DLL >
[2012/07/26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\SysNative\scecli.dll
[2012/07/26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\SysWOW64\scecli.dll
[2012/07/26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll

< MD5 for: SERVICES.EXE >
[2012/11/30 01:09:44 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=581190907DA1CF8CB7B87B35FFE64A07 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.20521_none_98a9ea2e9f571eb2\services.exe
[2012/07/26 06:26:45 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=754A2CC1F32107EA87CBD305ABE3E618 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe
[2012/11/30 01:09:44 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\SysNative\services.exe
[2012/11/30 01:09:44 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_981f4d19863a6591\services.exe

< MD5 for: SVCHOST.EXE >
[2012/07/26 04:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2012/07/26 04:08:47 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[2012/11/30 01:09:44 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=607F7CB143783A8F9BA058D2FC4F2D36 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[2012/11/30 01:09:51 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe
[2012/11/30 01:09:51 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2012/11/30 01:09:44 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\SysNative\svchost.exe
[2012/11/30 01:09:44 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe
[2012/11/30 01:09:51 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=EEF5E64822C3E21B186EA53463BE92DA -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe

< MD5 for: TCPIP.SYS >
[2013/06/01 12:33:13 | 002,233,600 | ---- | M] (Microsoft Corporation) MD5=0D05E0147C1329C53AAF97882DEDD96A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16628_none_0c2ca018eff62c18\tcpip.sys
[2012/11/30 01:09:44 | 002,225,896 | ---- | M] (Microsoft Corporation) MD5=165DDAA5A399C51FE9D6C056D3B9F4EB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_0caf3712091a2033\tcpip.sys
[2013/08/14 10:25:41 | 002,233,168 | ---- | M] (Microsoft Corporation) MD5=1794C43A000A47D92B3304FC1E3E512A -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/08/14 10:25:41 | 002,233,168 | ---- | M] (Microsoft Corporation) MD5=1794C43A000A47D92B3304FC1E3E512A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16659_none_0c0d309ef00d9942\tcpip.sys
[2012/11/30 01:09:44 | 002,225,896 | ---- | M] (Microsoft Corporation) MD5=1D644E2D0FC395A055AB1C23C3B43631 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_0c2499fceffd6712\tcpip.sys
[2013/05/04 08:46:29 | 002,227,456 | ---- | M] (Microsoft Corporation) MD5=24512F925D400E7310059C80F81256C2 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20708_none_0ccbdcbc09039400\tcpip.sys
[2013/06/01 12:38:57 | 002,227,456 | ---- | M] (Microsoft Corporation) MD5=396E3A3442AE13820E5221F67D0071DA -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20733_none_0ca66b8609206920\tcpip.sys
[2012/11/30 01:03:20 | 002,225,384 | ---- | M] (Microsoft Corporation) MD5=7038FAE65A507BA9313D8ACCB49A7C06 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16399_none_0be1eb3cf02e1191\tcpip.sys
[2013/02/02 10:03:26 | 002,226,408 | ---- | M] (Microsoft Corporation) MD5=9B09D075FEC02026A6AD6D78B2CCD67F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_0cb1398c09185008\tcpip.sys
[2012/07/26 06:26:47 | 002,224,880 | ---- | M] (Microsoft Corporation) MD5=AF6A8D27FCABFF85DDC1D4599582B4FE -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_0be7b9b6f02a76ed\tcpip.sys
[2013/03/02 10:59:37 | 002,231,528 | ---- | M] (Microsoft Corporation) MD5=B6D52E2C38B49A156E58FF5B9C6CA8BE -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16548_none_0c16fe5af00666d3\tcpip.sys
[2013/05/04 08:45:29 | 002,233,600 | ---- | M] (Microsoft Corporation) MD5=D750CE2A52F1B95E654CF2904C88EF1F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16604_none_0c3e3ec8efe98eda\tcpip.sys
[2013/03/02 11:20:07 | 002,225,896 | ---- | M] (Microsoft Corporation) MD5=DD6E5A51D93596DF7EA5F956FDE3306D -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20652_none_0c8fc97e09318a84\tcpip.sys
[2013/08/14 10:25:41 | 002,228,048 | ---- | M] (Microsoft Corporation) MD5=EA2F55C14A30B6D89F3094269A72F9ED -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20767_none_0c89fcea0935224f\tcpip.sys
[2013/02/02 11:28:54 | 002,226,408 | ---- | M] (Microsoft Corporation) MD5=F4F78B7F39BD56BD0BFE4C4399398F6F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_0c376e1eefee1300\tcpip.sys

< MD5 for: USERINIT.EXE >
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\SysNative\userinit.exe
[2012/07/26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012/07/26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/11/30 01:09:44 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=1F84B5F8DBDFFD36DF143C61CE25F12A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2012/11/30 01:09:44 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=6522E98C94A2A81AE11EB66D2AF5743A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2012/07/26 04:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012/11/30 01:17:17 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\SysNative\winlogon.exe
[2012/11/30 01:17:17 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2012/11/30 01:17:17 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=CBFD56B4EC07CB056A6ABD55DD33671F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Inf\Intel Storage Counters\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0000\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0001\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0001\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0005\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0005\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0006\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0006\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0007\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0007\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0008\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0008\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0009\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000A\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000A\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000B\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000B\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000C\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000C\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000D\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000D\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000E\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000E\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0010\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0010\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0011\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0011\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0012\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0012\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0013\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0013\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0014\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0014\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0015\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0015\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0019\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0019\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\001D\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\001D\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\001F\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\001F\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0404\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0404\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0416\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0416\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0804\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0804\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0816\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0816\*.tmp -> ]
[2 C:\Windows\Panther\*.tmp files -> C:\Windows\Panther\*.tmp -> ]
[1 C:\Windows\RE_DRIVE\RECOVERYCD_ISO\RECOVERY_DVD\*.tmp files -> C:\Windows\RE_DRIVE\RECOVERYCD_ISO\RECOVERY_DVD\*.tmp -> ]
[1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\WinSxS\*.tmp files -> C:\Windows\WinSxS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/07/23 14:46:15 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Adobe
[2013/07/20 09:36:34 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Apple Computer
[2013/07/25 23:22:38 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Ashampoo
[2013/08/17 13:29:24 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Lite
[2013/07/19 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Ultra
[2013/07/19 14:53:26 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\GRETECH
[2013/07/30 15:47:22 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\HpUpdate
[2013/08/10 19:17:38 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Identities
[2013/07/19 14:08:51 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Intel Corporation
[2013/08/14 10:35:52 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\IObit
[2013/07/19 16:41:56 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Leadertech
[2013/07/28 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\LowRateVoip
[2013/07/19 14:26:58 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Macromedia
[2013/08/14 10:36:42 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Malwarebytes
[2013/08/14 11:31:24 | 000,000,000 | --SD | M] -- C:\Users\marce_000\AppData\Roaming\Microsoft
[2013/07/28 18:38:31 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Nero
[2013/08/06 20:06:26 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\NVIDIA
[2013/07/25 13:46:15 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\PunkBuster
[2013/08/19 12:01:49 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\Skype
[2013/07/27 18:31:32 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\TeamViewer
[2013/08/18 00:04:24 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\uTorrent
[2013/08/09 17:53:19 | 000,000,000 | ---D | M] -- C:\Users\marce_000\AppData\Roaming\wargaming.net

< %APPDATA%\*.exe /s >
[2011/11/23 17:38:29 | 003,123,272 | R--- | M] () -- C:\Users\marce_000\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2013/08/14 09:40:39 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\marce_000\AppData\Roaming\uTorrent\uTorrent.exe
[2013/07/19 14:24:17 | 001,129,552 | ---- | M] (BitTorrent Inc.) -- C:\Users\marce_000\AppData\Roaming\uTorrent\updates\3.3.1_29938.exe
[2013/08/06 19:59:05 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\marce_000\AppData\Roaming\uTorrent\updates\3.3.1_30003.exe
[2013/08/14 09:40:39 | 000,888,152 | ---- | M] (BitTorrent Inc.) -- C:\Users\marce_000\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2013/08/14 10:27:00 | 013,761,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2012/07/26 04:18:40 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\Tasks\*.job >
[2013/08/19 08:32:58 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/08/19 11:16:04 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2013/08/14 10:27:00 | 013,761,024 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
[2012/07/26 04:18:40 | 000,117,248 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/08/17 09:04:15 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2013/08/17 11:05:59 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HP Deskjet 3050A J611 series (NET)" = "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34C1CN5Z05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1 -- [2012/10/17 04:29:50 | 002,573,416 | ---- | M] (Hewlett-Packard Co.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013/08/01 14:13:14 | 003,673,696 | ---- | M] (Disc Soft Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/08/14 10:27:00 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013/07/25 01:49:49 | 000,846,288 | ---- | M] (Google Inc.) MD5=ECCA7F72A24C7CF43131946C076689D1 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/08/19 10:27:49 | 000,000,512 | ---- | M] () MD5=51BC5558274F5E0DCCB65B05F4F90B18 -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >
[2012/08/02 11:47:48 | 000,145,606 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomCrowbarUse.wav
[2012/08/02 11:47:48 | 000,016,246 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomFlashlightUse.wav
[2012/08/02 11:47:48 | 000,076,306 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomGloveUse.wav
[2012/08/02 11:47:48 | 000,069,586 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomHookUse.wav
[2012/08/02 11:47:48 | 000,032,346 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomScorpianShow.wav
[2012/08/02 11:47:48 | 000,134,406 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomScorpionStrike.wav
[2012/08/02 11:47:48 | 000,171,086 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomScrewdriverUse.wav
[2012/08/02 11:47:48 | 000,085,406 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Audio\Sfx\Scenes\HelicopterCrash\WindshieldCrack.wav
[2012/08/02 11:47:08 | 000,026,700 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Data\Scenes\Canyon\WallCrackZoom.xml
[2012/08/02 11:47:18 | 001,008,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\CrackLit.dds
[2012/08/02 11:47:18 | 000,093,248 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\CrackOpen.dds
[2012/08/02 11:47:20 | 000,150,608 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\WallCrackOpen.dds
[2012/08/02 11:47:22 | 001,008,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\CrackLit.dds
[2012/08/02 11:47:22 | 000,383,744 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\CrackOpen.dds
[2012/08/02 11:47:22 | 001,008,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\WallCrackZoom_Background.dds
[2012/08/02 11:47:22 | 001,299,712 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\Animations\WallCrack_Sandpuff.dds
[2012/08/02 11:47:22 | 000,005,379 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\Episodes\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\Animations\WallCrack_Sandpuff_data.xml
[2013/07/22 23:13:36 | 000,145,606 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomCrowbarUse.wav
[2013/07/22 23:13:36 | 000,016,246 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomFlashlightUse.wav
[2013/07/22 23:13:36 | 000,076,306 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomGloveUse.wav
[2013/07/22 23:13:36 | 000,032,346 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomScorpianShow.wav
[2013/07/22 23:13:36 | 000,134,406 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomScorpionStrike.wav
[2013/07/22 23:13:40 | 000,085,406 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\HelicopterCrash\WindshieldCrack.wav
[2013/07/22 23:15:27 | 000,021,640 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Data\Scenes\Canyon\WallCrackZoom.xml
[2013/07/22 23:19:33 | 000,150,608 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackOpen.dds
[2013/07/22 23:19:38 | 001,008,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\CrackLit.dds
[2013/07/22 23:19:38 | 000,383,744 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\CrackOpen.dds
[2013/07/22 23:19:39 | 001,008,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\WallCrackZoom_Background.dds
[2013/07/22 23:19:38 | 001,299,712 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\Animations\WallCrack_Sandpuff.dds
[2013/07/22 23:19:38 | 000,005,379 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\Animations\WallCrack_Sandpuff_data.xml
[2013/07/22 23:22:19 | 000,079,559 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode2\Data\Scenes\CrackedWall\CrackedWall.xml
[2013/07/22 23:22:19 | 000,005,090 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.4.0.17837_x86__8wekyb3d8bbwe\Assets\Episode3\Data\Scenes\StoneCocoonChamber\FloorCrackZoom.xml
[2013/07/22 23:13:36 | 000,145,606 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomCrowbarUse.wav
[2013/07/22 23:13:36 | 000,016,246 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomFlashlightUse.wav
[2013/07/22 23:13:36 | 000,076,306 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomGloveUse.wav
[2013/07/22 23:13:36 | 000,032,346 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomScorpianShow.wav
[2013/07/22 23:13:36 | 000,134,406 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\Canyon\CrackZoomScorpionStrike.wav
[2013/07/22 23:13:40 | 000,085,406 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Audio\Sfx\Scenes\HelicopterCrash\WindshieldCrack.wav
[2013/07/22 23:15:27 | 000,021,640 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Data\Scenes\Canyon\WallCrackZoom.xml
[2013/07/22 23:19:33 | 000,150,608 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackOpen.dds
[2013/07/22 23:19:38 | 001,008,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\CrackLit.dds
[2013/07/22 23:19:38 | 000,383,744 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\CrackOpen.dds
[2013/07/22 23:19:39 | 001,008,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\WallCrackZoom_Background.dds
[2013/07/22 23:19:38 | 001,299,712 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\Animations\WallCrack_Sandpuff.dds
[2013/07/22 23:19:38 | 000,005,379 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode1\Graphics\Scenes\Canyon\WallCrackZoom\Animations\WallCrack_Sandpuff_data.xml
[2013/07/22 23:22:19 | 000,079,559 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode2\Data\Scenes\CrackedWall\CrackedWall.xml
[2013/07/22 23:22:19 | 000,005,090 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_1.5.0.25573_x86__8wekyb3d8bbwe\Assets\Episode3\Data\Scenes\StoneCocoonChamber\FloorCrackZoom.xml
[2013/07/23 22:38:39 | 000,000,767 | ---- | M] () -- \Users\marce_000\Downloads\SuperHideIP-3.1.6.8.FULL\crack\Crack_CZ.cmd

< *keygen* /s >
< *loader* /s >
[2013/07/16 08:35:19 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2013/07/16 08:35:19 | 000,003,668 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013/07/16 08:35:19 | 000,006,463 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2013/04/21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2004/12/28 17:40:02 | 000,169,384 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003/09/15 13:55:50 | 000,352,548 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6\valve\models\loader.mdl
[2003/09/15 13:56:04 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 13:56:04 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2012/05/18 07:15:48 | 000,010,781 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2012/05/18 07:15:50 | 000,003,492 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\langloader.kc
[2012/05/18 07:15:50 | 000,013,453 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\widget\layoutloader.kc
[2011/05/06 00:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/06 00:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/06 00:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2009/10/06 06:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\HP Deskjet 3050A J611 series\bin\HelpViewer\Resources\Loader.gif
[2012/08/16 09:26:52 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Mafia II Kompletní Edice\pc\PhysXLoader.dll
[2013/05/14 05:07:09 | 000,064,832 | ---- | M] () -- \Program Files (x86)\Metro Last Light\PhysXLoader.dll
[2012/05/04 03:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/05/04 03:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/05/21 13:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/05/21 13:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012/07/26 08:54:43 | 000,039,485 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2013/07/22 22:59:04 | 000,032,157 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2012/08/03 07:45:30 | 000,037,376 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.0.0.2_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2012/08/03 07:45:30 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.0.0.2_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2012/08/03 07:45:48 | 000,000,436 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.0.0.2_x86__8wekyb3d8bbwe\LoaderPage.xaml
[2012/08/03 07:45:48 | 000,006,042 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.0.0.2_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xaml
[2012/08/03 07:45:48 | 000,000,436 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.6.4.30605_x86__8wekyb3d8bbwe\LoaderPage.xaml
[2013/07/22 23:10:56 | 000,005,538 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.6.4.30605_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderPage.xaml
[2013/07/22 23:10:56 | 000,000,683 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_1.6.4.30605_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\StandartPreloaderControl.xaml
[2012/07/27 12:30:22 | 000,000,414 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.0.0.0_x86__8wekyb3d8bbwe\ApplicationLoader.xaml
[2012/07/27 12:30:22 | 000,037,376 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.0.0.0_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2012/07/27 12:30:22 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.0.0.0_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2013/07/22 23:07:02 | 000,000,489 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.6.4.30605_x86__8wekyb3d8bbwe\ApplicationLoader.xaml
[2013/07/22 23:08:21 | 000,001,942 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.6.4.30605_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xaml
[2012/07/27 12:30:26 | 000,037,376 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_1.0.0.0_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2012/07/27 12:30:26 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_1.0.0.0_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2012/07/27 12:30:54 | 000,000,420 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_1.0.0.0_x86__8wekyb3d8bbwe\Pages\LoaderPage.xaml
[2013/07/22 23:11:04 | 000,006,046 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_1.6.4.30605_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xaml
[2013/07/22 23:11:04 | 000,000,452 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_1.6.4.30605_x86__8wekyb3d8bbwe\Pages\LoaderPage.xaml
[2013/07/22 23:11:04 | 000,006,046 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_1.6.5.30710_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xaml
[2013/07/22 23:11:04 | 000,000,452 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_1.6.5.30710_x86__8wekyb3d8bbwe\Pages\LoaderPage.xaml
[2012/07/26 08:53:35 | 000,002,809 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012/07/26 08:53:35 | 000,001,583 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012/07/26 08:53:35 | 000,001,711 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012/07/26 08:53:35 | 000,002,509 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012/07/26 08:53:36 | 000,002,394 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012/07/26 08:53:36 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2013/07/22 23:21:18 | 000,002,089 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2013/07/22 23:21:21 | 000,001,326 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2013/07/22 23:21:21 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2013/07/22 23:21:21 | 000,002,552 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2013/07/22 23:21:23 | 000,001,915 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2013/07/22 23:21:24 | 000,005,019 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012/07/26 08:54:40 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/07/22 23:05:36 | 000,046,874 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 08:54:14 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/07/22 23:11:08 | 000,053,549 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 08:54:23 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/07/22 23:04:15 | 000,053,549 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.4.19.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/08/16 10:57:52 | 000,053,822 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.41.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/07/19 14:34:10 | 000,004,764 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2012/12/14 19:15:04 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013/02/20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/02/20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/02/20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/07/19 14:34:10 | 000,004,764 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2012/12/14 19:15:04 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013/02/20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/02/20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/02/20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013/08/17 13:28:13 | 000,141,216 | ---- | M] () -- \Users\marce_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\563M48HN\bi_downloader[2].exe
[2013/08/16 08:45:42 | 000,109,505 | ---- | M] () -- \Users\marce_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GYXJ3F90\AdLoader-3ce32d357de39fd9427f374be93bd0ac.min[1].js
[2013/08/16 08:45:42 | 000,001,511 | ---- | M] () -- \Users\marce_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MMAA26O0\AdLoader[1].htm
[2013/08/02 08:49:35 | 000,011,264 | ---- | M] () -- \Users\marce_000\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Sha90c3da1#\0d4b24e1790490ff6b8634b2e790d12d\Arkadium.SharpDXEngine.DDSLoader.ni.dll
[2013/08/02 08:49:35 | 000,000,772 | ---- | M] () -- \Users\marce_000\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Sha90c3da1#\0d4b24e1790490ff6b8634b2e790d12d\Arkadium.SharpDXEngine.DDSLoader.ni.dll.aux
[2013/08/01 15:51:28 | 000,002,438 | ---- | M] () -- \Users\marce_000\AppData\Roaming\DAEMON Tools Ultra\MediaInfo\img\loader.gif
[2013/07/19 14:34:15 | 000,061,638 | ---- | M] () -- \Windows\Prefetch\ACTIONCENTERDOWNLOADER.EXE-AE1FDA6C.pf
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012/07/26 05:53:16 | 001,084,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.efi
[2012/07/26 05:53:16 | 000,998,128 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.exe
[2012/11/30 01:17:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.efi
[2012/11/30 01:17:17 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.exe
[2013/03/02 11:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.efi
[2013/03/02 11:39:39 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.exe
[2013/03/02 11:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.efi
[2013/04/09 06:24:49 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.exe
[2013/06/01 13:02:14 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.efi
[2013/06/01 13:02:14 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.exe
[2012/11/30 01:17:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.efi
[2012/11/30 01:17:17 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.exe
[2013/03/02 11:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.efi
[2013/03/02 11:22:17 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.exe
[2013/03/02 11:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.efi
[2013/04/09 01:24:11 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.exe
[2013/06/01 13:49:37 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.efi
[2013/06/01 13:49:37 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.exe
[2012/07/26 04:05:30 | 000,047,616 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_9ebdc35619670551\dmloader.dll
[2012/07/26 03:35:54 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:35:54 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:35:58 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-stringloader-l1-1-0.dll
[2012/11/22 09:09:03 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_de-de_26718b717eea00a5.manifest
[2012/11/22 09:09:03 | 000,031,984 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_de-de_26718b717eea00a5_winload.efi.mui_35ee487d
[2012/11/22 09:09:03 | 000,031,984 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_de-de_26718b717eea00a5_winload.exe.mui_3bc5b827
[2012/11/22 09:09:03 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_de-de_26718b717eea00a5_winresume.efi.mui_f412814e
[2012/11/22 09:09:03 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_de-de_26718b717eea00a5_winresume.exe.mui_ff8b5358
[2012/11/22 09:17:18 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_el-gr_cf07b9046dff6933.manifest
[2012/11/22 09:17:18 | 000,033,008 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_el-gr_cf07b9046dff6933_winload.efi.mui_35ee487d
[2012/11/22 09:17:18 | 000,033,008 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_el-gr_cf07b9046dff6933_winload.exe.mui_3bc5b827
[2012/11/22 09:17:18 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_el-gr_cf07b9046dff6933_winresume.efi.mui_f412814e
[2012/11/22 09:17:18 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_el-gr_cf07b9046dff6933_winresume.exe.mui_ff8b5358
[2012/07/26 08:49:21 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012/07/26 08:49:21 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.efi.mui_35ee487d
[2012/07/26 08:49:21 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.exe.mui_3bc5b827
[2012/07/26 08:49:21 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.efi.mui_f412814e
[2012/07/26 08:49:21 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.exe.mui_ff8b5358
[2012/11/22 09:25:32 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_es-es_cf2dbe4e6deefe0f.manifest
[2012/11/22 09:25:32 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_es-es_cf2dbe4e6deefe0f_winload.efi.mui_35ee487d
[2012/11/22 09:25:32 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_es-es_cf2dbe4e6deefe0f_winload.exe.mui_3bc5b827
[2012/11/22 09:25:32 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_es-es_cf2dbe4e6deefe0f_winresume.efi.mui_f412814e
[2012/11/22 09:25:32 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_es-es_cf2dbe4e6deefe0f_winresume.exe.mui_ff8b5358
[2012/11/22 09:38:59 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fi-fi_6e48c2fb6308f039.manifest
[2012/11/22 09:38:59 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fi-fi_6e48c2fb6308f039_winload.efi.mui_35ee487d
[2012/11/22 09:38:59 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fi-fi_6e48c2fb6308f039_winload.exe.mui_3bc5b827
[2012/11/22 09:38:59 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fi-fi_6e48c2fb6308f039_winresume.efi.mui_f412814e
[2012/11/22 09:38:59 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fi-fi_6e48c2fb6308f039_winresume.exe.mui_ff8b5358
[2012/11/22 08:38:52 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fr-fr_71e5344d60c11471.manifest
[2012/11/22 08:38:52 | 000,032,496 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fr-fr_71e5344d60c11471_winload.efi.mui_35ee487d
[2012/11/22 08:38:52 | 000,032,496 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fr-fr_71e5344d60c11471_winload.exe.mui_3bc5b827
[2012/11/22 08:38:52 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fr-fr_71e5344d60c11471_winresume.efi.mui_f412814e
[2012/11/22 08:38:52 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fr-fr_71e5344d60c11471_winresume.exe.mui_ff8b5358
[2012/11/22 10:13:52 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_it-it_5c0d2a9437f2f9ef.manifest
[2012/11/22 10:13:52 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_it-it_5c0d2a9437f2f9ef_winload.efi.mui_35ee487d
[2012/11/22 10:13:52 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_it-it_5c0d2a9437f2f9ef_winload.exe.mui_3bc5b827
[2012/11/22 10:13:52 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_it-it_5c0d2a9437f2f9ef_winresume.efi.mui_f412814e
[2012/11/22 10:13:52 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_it-it_5c0d2a9437f2f9ef_winresume.exe.mui_ff8b5358
[2012/11/22 11:07:37 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_nl-nl_886e52c8f6d00871.manifest
[2012/11/22 11:07:37 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_nl-nl_886e52c8f6d00871_winload.efi.mui_35ee487d
[2012/11/22 11:07:37 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_nl-nl_886e52c8f6d00871_winload.exe.mui_3bc5b827
[2012/11/22 11:07:37 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_nl-nl_886e52c8f6d00871_winresume.efi.mui_f412814e
[2012/11/22 11:07:37 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_nl-nl_886e52c8f6d00871_winresume.exe.mui_ff8b5358
[2012/11/22 11:18:15 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pl-pl_ceaaad4adbf27625.manifest
[2012/11/22 11:18:15 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pl-pl_ceaaad4adbf27625_winload.efi.mui_35ee487d
[2012/11/22 11:18:15 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pl-pl_ceaaad4adbf27625_winload.exe.mui_3bc5b827
[2012/11/22 11:18:15 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pl-pl_ceaaad4adbf27625_winresume.efi.mui_f412814e
[2012/11/22 11:18:15 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pl-pl_ceaaad4adbf27625_winresume.exe.mui_ff8b5358
[2012/11/22 11:28:35 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-br_d0fe97eeda7c0a09.manifest
[2012/11/22 11:28:35 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-br_d0fe97eeda7c0a09_winload.efi.mui_35ee487d
[2012/11/22 11:28:35 | 000,030,960 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-br_d0fe97eeda7c0a09_winload.exe.mui_3bc5b827
[2012/11/22 11:28:35 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-br_d0fe97eeda7c0a09_winresume.efi.mui_f412814e
[2012/11/22 11:28:35 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-br_d0fe97eeda7c0a09_winresume.exe.mui_ff8b5358
[2012/11/22 11:38:46 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-pt_d1e0675ad9eb79e5.manifest
[2012/11/22 11:38:46 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-pt_d1e0675ad9eb79e5_winload.efi.mui_35ee487d
[2012/11/22 11:38:46 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-pt_d1e0675ad9eb79e5_winload.exe.mui_3bc5b827
[2012/11/22 11:38:46 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-pt_d1e0675ad9eb79e5_winresume.efi.mui_f412814e
[2012/11/22 11:38:46 | 000,020,720 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-pt_d1e0675ad9eb79e5_winresume.exe.mui_ff8b5358
[2012/11/22 11:57:25 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_ru-ru_1883791ebecd0811.manifest
[2012/11/22 11:57:25 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_ru-ru_1883791ebecd0811_winload.efi.mui_35ee487d
[2012/11/22 11:57:25 | 000,031,472 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_ru-ru_1883791ebecd0811_winload.exe.mui_3bc5b827
[2012/11/22 11:57:25 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_ru-ru_1883791ebecd0811_winresume.efi.mui_f412814e
[2012/11/22 11:57:25 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_ru-ru_1883791ebecd0811_winresume.exe.mui_ff8b5358
[2012/11/22 12:31:56 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_sv-se_b47e6393b5f6126c.manifest
[2012/11/22 12:31:56 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_sv-se_b47e6393b5f6126c_winload.efi.mui_35ee487d
[2012/11/22 12:31:56 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_sv-se_b47e6393b5f6126c_winload.exe.mui_3bc5b827
[2012/11/22 12:31:56 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_sv-se_b47e6393b5f6126c_winresume.efi.mui_f412814e
[2012/11/22 12:31:56 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_sv-se_b47e6393b5f6126c_winresume.exe.mui_ff8b5358
[2012/11/22 12:51:57 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_tr-tr_5d8baddaa4b2145d.manifest
[2012/11/22 12:51:57 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_tr-tr_5d8baddaa4b2145d_winload.efi.mui_35ee487d
[2012/11/22 12:51:57 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_tr-tr_5d8baddaa4b2145d_winload.exe.mui_3bc5b827
[2012/11/22 12:51:57 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_tr-tr_5d8baddaa4b2145d_winresume.efi.mui_f412814e
[2012/11/22 12:51:57 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_tr-tr_5d8baddaa4b2145d_winresume.exe.mui_ff8b5358
[2012/11/22 13:13:31 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-cn_2ee8cbd854e9e67c.manifest
[2012/11/22 13:13:31 | 000,024,816 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-cn_2ee8cbd854e9e67c_winload.efi.mui_35ee487d
[2012/11/22 13:13:31 | 000,024,816 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-cn_2ee8cbd854e9e67c_winload.exe.mui_3bc5b827
[2012/11/22 13:13:31 | 000,019,184 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-cn_2ee8cbd854e9e67c_winresume.efi.mui_f412814e
[2012/11/22 13:13:31 | 000,019,184 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-cn_2ee8cbd854e9e67c_winresume.exe.mui_ff8b5358
[2012/11/22 13:27:22 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-hk_2d93c46655c5590c.manifest
[2012/11/22 13:27:22 | 000,024,816 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-hk_2d93c46655c5590c_winload.efi.mui_35ee487d
[2012/11/22 13:27:22 | 000,024,816 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-hk_2d93c46655c5590c_winload.exe.mui_3bc5b827
[2012/11/22 13:27:22 | 000,019,184 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-hk_2d93c46655c5590c_winresume.efi.mui_f412814e
[2012/11/22 13:27:22 | 000,019,184 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-hk_2d93c46655c5590c_winresume.exe.mui_ff8b5358
[2012/11/22 13:41:09 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-tw_32e5092e525ac2ec.manifest
[2012/11/22 13:41:09 | 000,024,816 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-tw_32e5092e525ac2ec_winload.efi.mui_35ee487d
[2012/11/22 13:41:09 | 000,024,816 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-tw_32e5092e525ac2ec_winload.exe.mui_3bc5b827
[2012/11/22 13:41:09 | 000,019,184 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-tw_32e5092e525ac2ec_winresume.efi.mui_f412814e
[2012/11/22 13:41:09 | 000,019,184 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-tw_32e5092e525ac2ec_winresume.exe.mui_ff8b5358
[2013/07/23 15:21:51 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2013/07/23 15:21:51 | 001,403,296 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.efi_75834aa0
[2013/07/23 15:21:51 | 001,271,584 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.exe_75835076
[2013/07/23 15:21:51 | 001,217,352 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.efi_85cd069f
[2013/07/23 15:21:51 | 001,093,904 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.exe_85cd1215
[2012/07/26 09:11:35 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2012/11/22 08:57:11 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_da-dk_2945f6357d13ac0b.manifest
[2012/11/22 09:05:56 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_de-de_26718b717eea00a5.manifest
[2012/11/22 09:14:14 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_el-gr_cf07b9046dff6933.manifest
[2012/07/26 08:47:51 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012/11/22 09:22:32 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_es-es_cf2dbe4e6deefe0f.manifest
[2012/11/22 09:35:54 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fi-fi_6e48c2fb6308f039.manifest
[2012/11/22 08:36:57 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_fr-fr_71e5344d60c11471.manifest
[2012/11/22 10:10:29 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_it-it_5c0d2a9437f2f9ef.manifest
[2012/11/22 10:20:19 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_ja-jp_fe32a9a12b0e0bca.manifest
[2012/11/22 10:53:07 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_8a2f078af5a3fe9c.manifest
[2012/11/22 11:03:39 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_nl-nl_886e52c8f6d00871.manifest
[2012/11/22 11:14:13 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pl-pl_ceaaad4adbf27625.manifest
[2012/11/22 11:24:31 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-br_d0fe97eeda7c0a09.manifest
[2012/11/22 11:34:45 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_pt-pt_d1e0675ad9eb79e5.manifest
[2012/11/22 11:52:38 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_ru-ru_1883791ebecd0811.manifest
[2012/11/22 12:27:00 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_sv-se_b47e6393b5f6126c.manifest
[2012/11/22 12:47:37 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_tr-tr_5d8baddaa4b2145d.manifest
[2012/11/22 13:07:36 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-cn_2ee8cbd854e9e67c.manifest
[2012/11/22 13:21:39 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-hk_2d93c46655c5590c.manifest
[2012/11/22 13:35:07 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_zh-tw_32e5092e525ac2ec.manifest
[2012/07/26 06:00:58 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16384_none_b3f06196f66b163f.manifest
[2012/11/30 01:03:11 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16409_none_b44be44ef625b291.manifest
[2012/11/30 01:08:44 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16420_none_b42d41dcf63e0664.manifest
[2012/11/30 01:16:34 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_b42572cef6436e5a.manifest
[2013/04/09 07:04:17 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16579_none_b40036c0f65e734f.manifest
[2013/06/01 12:31:54 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2012/11/30 01:08:44 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20521_none_b4b7def20f5abf85.manifest
[2012/11/30 01:16:34 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20534_none_b4b00fe40f60277b.manifest
[2013/04/09 01:53:04 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20683_none_b47901e40f899700.manifest
[2013/06/01 13:10:50 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20733_none_b4af13660f610872.manifest
[2012/07/26 04:18:20 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_429f27d26109941b\dmloader.dll
[2012/07/26 03:46:24 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 03:46:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 03:46:36 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-stringloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

iasak1982 · #12 Příspěvek od **iasak1982** » 19 srp 2013 12:41

OTL Extras logfile created on: 19/08/2013 10:24:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\marce_000\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000809 | Country: Spojené kráľovstvo | Language: ENG | Date Format: dd/MM/yyyy

7.89 Gb Total Physical Memory | 5.89 Gb Available Physical Memory | 74.65% Memory free
15.89 Gb Paging File | 13.43 Gb Available in Paging File | 84.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 588.63 Gb Total Space | 415.06 Gb Free Space | 70.51% Space Free | Partition Type: NTFS
Drive D: | 321.26 Gb Total Space | 320.72 Gb Free Space | 99.83% Space Free | Partition Type: NTFS
Drive F: | 2.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MARCEL | User Name: Marcel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2088791548-2596210193-3422292274-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0619CF4D-A60E-4A06-AAF0-3EFEDB682D17}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0A051E9D-E819-431E-9E8A-78CB870A3EF5}" = lport=139 | protocol=6 | dir=in | app=system |
"{0AFD600E-FFF2-437F-8C98-1AD7404A2264}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{13F502D2-13F1-463E-919C-B667C49FFFC6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14B7D10E-B79B-4C5D-AD56-46BE22C88DAD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{29900DA4-FDBC-464C-AF91-D12D8279CB43}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C4DCE55-B32E-4B3F-BCD7-5E4A72FD0E4F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BA24ED1-9B94-41FF-8311-E1A951655359}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3FC36A6E-0B80-406A-B0DA-CE673F0983E1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{407A005A-5B69-465D-9AA9-6FC41C20C393}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{65CD07CE-3EC6-40F0-8A06-C0A63B31695C}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6A2A4CFD-46F1-4969-A7BC-94700D6DDD87}" = rport=139 | protocol=6 | dir=out | app=system |
"{7ADA0746-25DD-4346-83DB-BAAB9C635322}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7DEB1302-274E-4CC1-9F3F-77A3B6F3F495}" = lport=137 | protocol=17 | dir=in | app=system |
"{80E6F86B-D6D4-4DF1-8570-4C1244947B39}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{87A30CA5-0DB7-4F4D-A316-11AF4D7B30D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{88441603-3FDD-451A-9991-E9AB2BA317B2}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{92BF094F-775E-4AB9-B0E7-7DD57973DDF8}" = rport=2869 | protocol=6 | dir=out | app=system |
"{94E650D0-C6BA-4D4C-B7A3-C85851AC0023}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{98B0B3B1-5CB7-44A6-9D33-8ED86D40B818}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A4DC9CBA-86E6-4BD4-A71C-9ED263A1876F}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A70E3122-B75C-4AB1-B660-322FD4415E42}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AF19A2C8-18DC-42E7-B8DA-2EC5E023BA6C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B091C5BF-4DE6-43D6-A066-5D7ADF30A881}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B477DAF4-7353-4283-AF7B-00027DE9E49F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C5CFD936-EE8B-4AA4-8896-91F99682868F}" = rport=137 | protocol=17 | dir=out | app=system |
"{CEA23737-5EA2-4DF8-A9CE-D4AAA5FE5968}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1C13C50-6B6C-4CB5-91FD-2B479BB0B613}" = rport=445 | protocol=6 | dir=out | app=system |
"{DAD970DA-AA04-4F1E-9422-4438B8CBC991}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DFE0A10E-1AEB-4CA0-AC82-758107AD9F10}" = lport=138 | protocol=17 | dir=in | app=system |
"{EAD7FA82-975B-4B3E-87C7-8F954339A49E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F93823C0-1EE6-4783-A0BE-C52A0FF2CA55}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F95CCB28-2214-4B85-9F96-7508633F4EE4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FACAFEAE-A515-429A-8A15-F63A1F86AF83}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0003A5F6-1182-462B-87E7-3DD3D99BDA3F}" = dir=out | name=hp printer control |
"{01CD5AE6-BEE6-4074-8EA6-4666D92E7FFF}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{04AF8AFC-3956-44D4-8297-65E01A92BEC4}" = dir=out | name=tumetro |
"{0598FD00-2DAA-46D2-A321-586DCC771AAE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0714D22D-B046-4F2D-AC52-8AFEFDBFC6FF}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{0C54892B-95E2-4660-BC87-F3D3766C72DA}" = dir=out | name=adera |
"{0D42A7B8-2D1B-4076-A607-998B48CD0BB4}" = dir=out | name=evernote |
"{0D9F5B3E-41DE-498A-8D43-C57412B3E86C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{113A578D-0434-4CBB-B07F-E5C55BA21B70}" = dir=in | name=evernote |
"{13890BC3-C629-4EB0-B346-481A33864291}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{1AA15F78-E584-406F-9A9C-620B9E30EA8C}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{1CA21453-124F-4570-BD7B-A2CD22F6DFB0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{208ACDB2-28E4-4353-BD22-6B3E1A5C3959}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{23D0C6A3-67A2-4917-90D8-CBBF68F042F3}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{25E08438-DC3C-4F79-87C6-CE34BA0A60AA}" = dir=out | name=microsoft solitaire collection |
"{263DC812-D4FD-42FF-BA85-31AB2206A42C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{31700B1D-4BC4-4ED1-BE17-97A7B1733746}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{318440FD-4E07-41A1-939E-C84195D0F238}" = dir=out | name=windows_ie_ac_001 |
"{378C096F-57BA-412E-BEEC-4659BD170AF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3BE9D739-AA08-4ECF-9A83-E5BD90507839}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3BF97188-2030-4D45-B55D-8D28E7DBBD61}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{3CA2F703-1FB6-4D28-A806-8207FD191198}" = dir=out | name=puzzletouch |
"{3EEC3974-524B-4355-9036-4F0232F0DC7A}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{400275FD-2A57-4DF7-A5FE-BD2E3675162B}" = dir=out | name=cookbook |
"{4455E807-0EDB-410A-97CA-C9F17639EAA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{464AF01C-54CA-4095-AC2D-5192107C6866}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{473CF5B0-02B7-4766-B4E3-EF7E3B740CA3}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{4773B6C7-1240-4991-89D8-7C53C8C13805}" = dir=in | name=hp printer control |
"{48F0EF8E-DFF0-4743-ACEB-E8D98F218648}" = dir=in | name=skype |
"{4AB3427D-CF80-4480-A8F2-5DCED3B5AF99}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{54D91543-6865-4275-B96C-8216F52FBCA4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{56F0BA9F-5CF8-4307-B8D8-7299D21DFB9E}" = protocol=17 | dir=in | app=c:\users\marce_000\appdata\roaming\utorrent\utorrent.exe |
"{5F7739FF-998F-49CC-807B-2EA75F09B464}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{62260783-29F4-4D5F-A13D-1731964C8954}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{62FF2BD8-B41E-492D-A39A-01F76E8BFF8F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{65F2044C-9FBF-4CFF-B412-C1A16169911E}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{672AC3C5-B8A8-472E-9299-8AA1D660717B}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6798690D-C5CB-45C0-BBFD-7F656B408648}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6A376549-47D4-4CDB-916A-967F3BC70DD5}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6C3E8F75-E3A7-47B1-9B26-634FD09E6FEB}" = dir=out | name=pinball fx2 |
"{6C78E041-28A8-4584-AAE0-0BC22E5506CB}" = dir=out | name=music maker jam |
"{7D17ADFB-83FB-419E-96FF-2D50A198C68D}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{806683CF-CD25-4ECA-A9DB-EE5EAADB56C7}" = dir=out | name=cyberlink powerdvd be |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8165010B-F3ED-47A5-A01B-45CDE4E41381}" = dir=out | name=fresh paint |
"{823A7F24-2B02-4357-8F40-3683B56D443D}" = dir=out | name=wordament |
"{846149A2-807E-4217-863B-80B8D0435560}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{858C53E3-19BA-47FD-9F75-090BE408E511}" = dir=out | name=- games app - |
"{8B07694C-E671-4000-8619-21134D27A3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{8D50AFC8-8E89-4E62-9850-AFB9F2A60B2D}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8DAC9A4F-87D8-40B2-AF16-E1DA5B5E666F}" = protocol=6 | dir=in | app=c:\users\marce_000\appdata\roaming\utorrent\utorrent.exe |
"{8F734E07-A11E-4FCB-8EF3-E3BC0B9A2F12}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{940EDAD3-0643-4500-BE54-C71001B988BC}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{96843D8F-50DF-4F43-A819-A67471784591}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{977DCC6C-4126-46BA-86F2-E70661184801}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{9AD1AA5B-7700-4933-A5D4-A0B466EDA634}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{9D5DEB4D-714B-4908-AF9B-7C605B90FE5F}" = dir=out | name=microsoft mahjong |
"{A3D2796C-25C9-4BB8-B80F-CAF7893494DB}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicatorcom.exe |
"{A471F91F-3FC9-4D1B-BD34-74CD07CCB957}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A80FA5A0-D12D-48B8-BA14-1D6912274AE8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A91CA685-30E8-4F28-98F4-BA1E5BC4DABA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AD397D82-14A4-492E-9164-A7554224B07A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AF83CF4F-3A54-4908-9E40-560A5E900724}" = dir=out | name=taptiles |
"{B299D901-4AE3-4AD3-BD04-4C5F87AE580E}" = dir=out | name=norton studio |
"{B99F7D20-72C1-4E01-8523-0D4957BA3F9E}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{C3A8F89A-D7E9-40E3-9D45-DD1D25F3C26F}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{C782C086-5225-4E5F-870D-12DB0F6DFFFA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{CC409802-409F-4052-AF14-BE1937D1DDC4}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
"{CD364BDE-9B1A-48B8-B22E-3C2DB0399AC6}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{CF5B1C70-AD59-4CEE-BEF5-FA59531EDC88}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{DEBE6471-82C9-40D2-9B8D-B013009F6B73}" = dir=out | name=skype |
"{E044FED1-3B54-4E72-B092-B1A8E9CC10BC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2F8DCB5-CCD9-4738-BE3E-200BDC8B447B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E50A13B4-DD42-4A65-A481-B2152B735339}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC54C03E-D694-4187-BC9A-353C8F422F55}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{F04BE7FD-F4D2-461A-95B2-F7F3A86A268D}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F28B8788-16DF-40DF-9759-AFE704AD4B14}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F4BF0B6E-AD66-4B5A-92B0-06D256DD01F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F96E0CDA-07C1-49C2-8856-E37FF3125AA5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FA3CFFCE-4C9C-4D46-8A29-0CDADDAA565F}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FB89F5A7-769F-4885-B0B1-E31F71CBE560}" = dir=in | name=pinball fx2 |
"TCP Query User{1E4A8BBF-E39D-4848-B4CA-8F72D8407C80}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{2AACD88F-80CC-4001-9AAF-BA3912ABC3E1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{44446D03-93BD-4E8F-980C-A3D67D7879F0}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{7C3CAF47-708E-4110-B5F1-0EC57A28BB13}C:\program files (x86)\metro last light\metrollbenchmark.exe" = protocol=6 | dir=in | app=c:\program files (x86)\metro last light\metrollbenchmark.exe |
"TCP Query User{901DD165-1FF5-45DA-865B-8FE4E839B3B1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{BCDC6EEC-E07B-4872-94C6-440F1B4AFF14}C:\program files (x86)\lowratevoip.com\lowratevoip\lowratevoip.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lowratevoip.com\lowratevoip\lowratevoip.exe |
"TCP Query User{F2163E69-C3C0-46F4-AFFC-C848D85D5D20}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |
"UDP Query User{276A3107-5A8C-42EC-8B0E-0CE3796D0194}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{6A751367-7FD6-4F33-82D2-0A5138AE13B2}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{865087B7-B093-4F95-A880-9514136E5AE9}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{A43D129E-366D-422E-B082-24689001FFBF}C:\program files (x86)\metro last light\metrollbenchmark.exe" = protocol=17 | dir=in | app=c:\program files (x86)\metro last light\metrollbenchmark.exe |
"UDP Query User{C70EF68C-0389-44EE-A8E2-A434454FE919}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{E34633A2-5B05-4175-9D8A-FDC026BF3577}C:\program files (x86)\lowratevoip.com\lowratevoip\lowratevoip.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lowratevoip.com\lowratevoip\lowratevoip.exe |
"UDP Query User{FE5DA5BE-549F-42FC-9CE3-B39FE8C9C026}C:\program files (x86)\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0728A184-F899-4356-B93D-8228674F0DEB}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}" = HP Deskjet 3050A J611 series Basic Device Software
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}" = PC Sound
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BA33BE3-20CF-4972-BD67-B44CEFA52DCB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}" = HP Deskjet 3050A J611 series Product Improvement Study
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"{FA8AB91A-0B41-4797-9015-9B3FBC7834CC}" = SCM
"A007E57753F87B14A4737DA95057F173950A6A3D" = Windows Driver Package - Intel (NETwNe64) net (09/12/2012 15.5.4.45)
"B16388B2E5D3CBA8F0EE88A8C5459BADAF4DE251" = KB9X Radio Switch Driver
"Elantech" = ETDWare PS/2-X64 11.13.0.2_WHQL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000B058E-E3E7-4E4D-88B1-4CEBB3D417B7}" = Windows Live Writer
"{00AA59D7-B92D-4A06-8D06-0596081C0E68}" = Photo Gallery
"{00D52195-38C5-46A3-9CBC-4104A1CD6608}" = Photo Common
"{012B4B47-5ED6-469C-8CE3-8816248DD7DF}" = Photo Common
"{0159A45D-DB64-454C-8DEE-037702F2FDF0}" = Poczta usługi Windows Live
"{0170C9A2-4FBB-47B3-B3FE-76170531EF1B}" = Movie Maker
"{01C62BE2-E4D2-4B53-9584-1A91FB3E153D}" = Photo Common
"{01FB4B77-9211-480E-8439-370C6DB71113}" = Windows Live Writer Resources
"{02082E30-6019-4F5B-B55C-025F4CE5D335}" = Movie Maker
"{02EC334E-068D-4B2C-97D0-17A416CB6DE2}" = Windows Live UX Platform Language Pack
"{0509A333-E819-400A-B5B8-1A474D96D58A}" = Windows Live UX Platform Language Pack
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{05B093D6-140B-41EA-BC35-F611800E158D}" = Windows Live Writer Resources
"{05F57124-7DDB-4141-B3E5-3C4F42491C1A}" = Windows Live Mail
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{07866716-0FAA-44F8-A1BF-BD223799378A}" = Movie Maker
"{07EDFDF9-F920-4BCB-B6FD-59DB8FFFFF47}" = Movie Maker
"{08408B4E-ADA0-4317-BF13-F63695836701}" = Windows Live Essentials
"{09C4F7A1-0AB6-477E-97BB-82FDA39DBD5D}" = Windows Live Mail
"{0ADCA84C-4276-4619-B318-38BC606476B7}" = Windows Liven sähköposti
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0B323777-EF15-423F-99E8-CDB86583992A}" = Windows Live Writer Resources
"{0B32E306-13AA-4EAE-987B-3BD1A1EC0F12}" = Photo Common
"{0B4A75B4-4C0E-4850-8F25-036B92408E1B}" = Windows Live Messenger
"{0B5FDC99-E373-4F0F-938D-42AD090BACC0}" = Windows Live UX Platform Language Pack
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{0E6639BB-C1BB-4FF5-8846-5813EF63E04B}" = 照片库
"{0F4E2825-F515-40B1-B3E6-F6C973C69E87}" = Photo Gallery
"{0FBC0FEF-FAB2-465D-9F78-8AE1D0603559}" = Windows Live Messenger
"{0FE59959-3EA2-470F-BF90-4AAA2F82E528}" = Windows Live Writer
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{106158C6-9D6D-4540-8943-29F8983B9123}" = Windows Live Writer
"{1097A508-1F04-41EA-B972-B6A335A71260}" = フォトギャラリー
"{15C2E378-C1C9-4FE8-9F27-590726AEC593}" = Windows Live Writer Resources
"{175B4B56-63F1-464E-8286-4309E0A52395}" = Foto-galerija
"{1789AE05-5298-492C-9A4D-CDD3A98AE6A1}" = Photo Common
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 6.3
"{18FE3424-7C22-4EDE-A3FD-414760CC363B}" = Movie Maker
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1951F3A1-110D-4F5B-8346-9D0E735A54E0}" = Windows Live Writer
"{1A2516F6-15CF-45F0-A14C-865742A647C3}" = Windows Live Messenger
"{1AED08A6-6BC5-4927-8FCD-FEE9ED00D2F2}" = Fotogalerie
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1B8F8F57-081B-4BEB-83A9-061C142018FF}" = Windows Live Writer Resources
"{1C604122-1DF6-4142-A9E7-C60D6A978D82}" = Photo Common
"{1DC65309-3556-4D72-BC22-0FDD529BE2EB}" = Windows Live Essentials
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20068443-0047-49D6-B25E-3322A56D7E2B}" = Windows Live UX Platform Language Pack
"{20FCB655-FF69-4BFF-9300-68C0386A51A6}" = Windows Live UX Platform Language Pack
"{233B918E-99FD-4643-BEDD-A9855A56FC3A}" = Windows Live UX Platform Language Pack
"{23AF8E37-01F3-41CD-B91C-9EF7E1F16B23}" = Основи Windows Live
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{269304A7-84ED-429C-8509-7C6AE2F3D085}" = Windows Live Mail
"{27BC77F3-6DE6-4185-A4AC-3530B50377A8}" = Windows Live Writer
"{27F0B692-6793-4631-A416-175A86440A04}" = Windows Live Writer Resources
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{295A4A93-4462-4B26-9800-7706D8C22A60}" = Movie Maker
"{29C1B1BF-BF0C-46B2-A1A5-5ED7EE0C266F}" = Windows Live UX Platform Language Pack
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2AE414B5-7FE6-49A3-93C8-D864162CDEBC}" = Windows Live UX Platform Language Pack
"{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack
"{2D598A54-750B-4120-B8AD-ED938F74932C}" = Windows Live Essentials
"{2EEB5313-65AB-4C9B-B2FB-F1EDBFD18402}" = Windows Live Writer Resources
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{2FBB11ED-EB28-45AC-BACF-4282EA24E8EA}" = Windows Live UX Platform Language Pack
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{302933F3-E6AD-414D-AB96-A18DBB979B1D}" = Movie Maker
"{3136AA57-563A-4BF4-98A5-CC0276BF4DC0}" = Fotogalerija
"{318F37F2-82D4-414A-AA5A-9EE9EB186744}" = Windows Live Essentials
"{3221ABB3-A940-4030-AA86-C0DA75BCD176}" = Windows Live UX Platform Language Pack
"{34A9A026-3421-4310-A97A-4D6FCD582275}" = Windows Live UX Platform Language Pack
"{34D42BA7-804F-41CB-A7F5-6C1E5169422F}" = Windows Live UX Platform Language Pack
"{35A6026B-195A-4EBA-A16E-47E9CC2D1FA1}" = Movie Maker
"{35BD47F4-C19B-474F-AACC-E8C0BE38148A}" = Photo Common
"{35FA69FA-49DD-4BDF-8140-7DC2C4472C45}" = Fotoğraf Galerisi
"{3668CB0E-910D-43FE-9EDB-B07754E1CF24}" = 影像中心
"{36C704E9-C7FC-44C1-847E-DC9470414709}" = „Windows Live Essentials“
"{37583C76-E48F-4AA4-BD2A-141A0830F799}" = Windows Live 메일
"{377DE7D7-3C49-4D79-B23E-3E466096262E}" = Windows Live Writer Resources
"{37D33036-532F-4D9D-8827-D47D8C5C6E0E}" = Windows Live Writer
"{38547BC2-D932-4D3D-88DB-B0C33A34B469}" = Windows Live Messenger
"{399F0DD6-ADDE-4C88-8312-617C03CECB1E}" = Windows Live Writer
"{3A96872B-401D-41B1-A25F-32419F9060EF}" = Windows Live Messenger
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3C57F8BF-1ED1-43E7-A174-CA8B2613C8C0}" = Windows Live Writer Resources
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EAE58C0-7C36-40C3-ACED-0CABF2F46BCF}" = Windows Live Writer Resources
"{3EF3A400-BC02-4345-AF19-297ED2D71DF4}" = Windows Live Messenger
"{3F52385B-AB6E-4E6E-9EDC-65E8F689BAE3}" = 사진 갤러리
"{400CBE05-CC6E-4AD8-9596-289584AD7232}" = Windows Live Mail
"{40DD2F13-254D-46BD-80B1-34E4677263A4}" = Windows Live Writer Resources
"{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker
"{41FEC76C-9F4C-4A9A-B872-C605A4E04BBF}" = Photo Common
"{4214AA76-A3A6-41FD-A8ED-DA2A5C533733}" = Windows Live UX Platform Language Pack
"{43475DF9-3F29-4C45-9045-BDCEF39C17E8}" = Windows Live Writer
"{437F2A1E-1C01-4EC5-BF32-61ED518D3BEB}" = Windows Live Pošta
"{438C2993-99AA-43F7-BA0B-1A13A75E5426}" = Windows Live Writer Resources
"{43C1D630-B6A4-4F9A-BF59-7C35F5907E11}" = Фотоальбом
"{44820091-773E-471A-AAE1-DC032B8AE842}" = Movie Maker
"{44E89CCA-BB20-4EA6-80EB-4126E886F83D}" = Windows Live Mail
"{45B29A59-D180-4BFC-A93D-DDD7E65647C8}" = Photo Common
"{45FF1061-E2E3-4EDF-97A3-B87BB2ABBAC0}" = Windows Live Writer Resources
"{460ED3EF-6016-4234-8310-87CD46A2A898}" = Movie Maker
"{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials
"{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack
"{46AEE281-3436-46EF-A36D-163F7125A290}" = Galeria de Fotos
"{46B14AF1-EDFA-4088-AB2B-22A8128A1C54}" = Photo Common
"{47881AEC-14D1-4BDE-9B8B-F55CA85D080F}" = Photo Common
"{48ADF615-F7E5-4805-8ABF-4FCB04A2BE58}" = Windows Live Mail
"{491FCC06-244A-471D-974D-D7A59ED70B3F}" = „Windows Live Mail“
"{49400307-EEC4-4C71-94C1-B419194F7290}" = Windows Live Writer Resources
"{4C0D8B3E-63F0-4773-83F5-C5B7795B0FB8}" = Photo Gallery
"{4D60765A-2FF1-4848-BDFD-CEA79458F59B}" = Фотографии (общедоступная версия)
"{4DAB6CA2-71C2-4B28-A4D4-5F6E62E44D93}" = Photo Common
"{4EC46205-3666-4325-9A42-AB00C92E755F}" = Photo Common
"{4EFAC13A-6A1D-4A2A-8F4B-056ADBBF39E4}" = Movie Maker
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{4FE09BED-6F4C-47B9-9C46-DC1B7083CCF1}" = Windows Live UX Platform Language Pack
"{5059436D-B480-494A-8F88-5CACFA883F2B}" = Windows Live Essentials
"{506844CE-9759-46F7-8E22-852F46F4629B}" = Photo Gallery
"{510044D7-E70F-41C6-826A-A53C236B6FC5}" = Windows Live Writer Resources
"{528AD614-8846-4A9A-9981-AC258563A6E0}" = Windows Live Writer
"{52FE9150-B4B1-42BE-8F05-7D559757E450}" = Movie Maker
"{53EFA2AB-A58A-45BB-A044-47AC232FF0FE}" = Windows Live UX Platform Language Pack
"{547C128A-691D-4D09-B195-AC5194C07403}" = Windows Live Temel Parçalar
"{54DF8219-0386-4577-B943-3E9807F0663B}" = Windows Live Mail
"{55F84131-D974-4CDA-AD01-C7DDAA3F19F2}" = Windows Live UX Platform Language Pack
"{5663661E-25EB-40D6-ADA2-83D6D84A368A}" = Windows Live Writer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5724CD7B-8AFC-4DE5-BF65-59272B22B25E}" = Windows Live Essentials
"{57B0AA0C-3B99-435E-9CEC-2EF61CBCEF5F}" = Основные компоненты Windows Live
"{57EC0BAF-E65F-4758-A6AB-586535C870A2}" = Windows Live Essentials
"{5932CF7B-00D6-4B31-A849-554C3C68E0EB}" = Windows Live Essentials
"{5A25CBED-9F0C-40A6-B06A-3CE81CAB375E}" = Windows Live Mail
"{5B5FD463-1514-4813-BC65-C512A30378A6}" = Windows Live Writer Resources
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5BD54B96-C51E-4CE0-A507-1B606EE4364E}" = Photo Common
"{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common
"{5CD2E27A-F2C9-4A87-9A06-DFAF9A182481}" = Nero Express
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D382E05-9CFA-45A5-962B-8F578E7D3A23}" = Photo Common
"{5D425F10-407D-44DC-B464-A2586349CA71}" = Windows Live Writer
"{5DBE54E2-C86B-4350-948B-461DC9FF6D20}" = Windows Live Messenger
"{5F00227C-7D06-4CCE-A064-8C98787029FE}" = Windows Live Writer Resources
"{5F86FE78-D294-448C-9993-B9AFB62BE456}" = Movie Maker
"{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery
"{60ADEF86-A867-47A0-9C8E-9B7E2AB3F87C}" = Windows Live Writer Resources
"{61889FC7-9738-439A-96B3-17AF981BDDEF}" = Movie Maker
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{619FA785-489B-4D22-911F-82D6EDF5BDB0}" = Battery Calibration
"{62813F65-4D78-43AF-A53C-DFAFA122E065}" = Windows Live Messenger
"{63240270-28DC-4CEB-B796-F3BBA966B1CA}" = Windows Live Messenger
"{63535877-2396-4437-9BF5-C9BE41EE7677}" = Windows Live Essentials
"{643D412F-A46E-4D3D-832A-2D24A9AF85A8}" = Movie Maker
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{67E78A3A-617B-4DD1-975D-7100CF4AC9E6}" = Windows Live 软件包
"{698ED639-3A26-49EF-B1EF-CD89CB97C778}" = Windows Live Essentials
"{6B75C5F6-7FDA-4E8F-97D7-B74925857729}" = גלריית התמונות
"{6BF29613-DEEF-44BA-93C1-431B9723041C}" = Windows Live Mail
"{6C4BAF40-14F7-44F2-9B9A-C697DA797EF4}" = Συλλογή φωτογραφιών
"{6DBC903D-396C-4389-9233-AC2DDB200994}" = Windows Live UX Platform Language Pack
"{6EB052E8-5EE9-4112-B73B-E3F6CD5EE64B}" = Windows Live UX Platform Language Pack
"{6F0C74FE-78BB-417E-969E-BB756F21ADEA}" = Windows Live Writer
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{70243563-AFF3-4B6A-B267-05BA140BFBB2}" = Windows Live Essentials
"{70D4BC7B-BA81-4385-B32E-045CB20C61DB}" = Windows Live Essentials
"{70E5A613-5A04-42D9-B2CF-C99809BB6E0D}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D1898F-DFAE-4E0F-B57A-97F5F557EA3A}" = Windows Live Messenger
"{723E4732-695B-4628-B5EC-A98EA34AA0F0}" = Movie Maker
"{72E76708-0A4F-4586-9312-95A0CA8AD3D7}" = Windows Live Messenger
"{734A76AB-7427-4F31-8F91-1094523C6215}" = Windows Live Writer
"{7359585E-A828-4EFC-8177-7D1883DDA0B5}" = MSI Remind Manager
"{741ECBB6-1A0B-42F1-A7BF-76222734A63A}" = Movie Maker
"{749D0B62-5610-4ADE-82E6-399E6B4DAD80}" = Windows Live Writer Resources
"{74D68BE3-3804-4066-A244-B4C7A9D9F156}" = Movie Maker
"{7541F284-7167-4729-B1C1-0A3F7FC38EF3}" = Windows Live Messenger
"{75FCD3A9-D7F8-46AD-BC90-91A6364B9334}" = Galeria de Fotografias
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{78136417-2ABA-47D0-A462-FBF55155EF8B}" = Movie Maker
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live
"{7914488D-F56B-464F-B735-F8E972E5E208}" = Photo Common
"{7938AD90-AFEE-4573-AFC3-E5C20EE38759}" = Photo Common
"{7967FE1D-16E7-4B39-858B-BBFC67070EC6}" = Windows Live Writer
"{799AF91B-A07A-4E5A-AFCF-EB1E45ADDD0D}" = Windows Live Messenger
"{7A214298-DDD9-470E-895D-A8051ECA0093}" = Windows Live UX Platform Language Pack
"{7AEEF79F-4278-4510-AAD0-23AD14508217}" = Photo Common
"{7AFB4A8D-F1CE-41E5-A18A-00A095447632}" = Фотогалерия
"{7CCDEF0B-C593-49F0-9A8F-C06F00DF2143}" = Photo Common
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7D212065-7CC7-4BE4-9084-A8C2C687A72F}" = Windows Live Mail
"{7EC2E709-8ACC-48CA-9F67-2534C5C6A859}" = Windows Live Writer Resources
"{7F2B444B-8D7D-4E46-A5D0-A3309B7B587A}" = Windows Live Essentials
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{7FC256D7-7BC4-418D-A5BD-A86542C7E06C}" = Fotogalerii
"{7FF60141-ECA3-46F0-AB83-58FCC64F8935}" = Windows Live Messenger
"{803D4B7D-71CD-46B9-8F89-8BFD73920FAF}" = Windows Live UX Platform Language Pack
"{80836C86-1305-40C9-B7C9-F3A75266070D}" = Nero 12
"{81019508-84DC-476E-8C49-BD77A61217D9}" = Fotogalleri
"{810EED37-2024-4C10-B266-5A8CCB3D1A65}" = Windows Live Writer
"{81E8E002-B85D-41A1-B085-850458716F52}" = Фотоколекція
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{83519650-D9E7-46E1-BC78-AE5BEC99D5FB}" = Windows Live Mail
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{84BEAA30-1AF1-450B-9DD7-AD38B84004BA}" = Windows Live Messenger
"{85AC15A4-3C6D-4DA5-9DCE-C3396905CF9E}" = Windows Live Writer Resources
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8698AFE8-285C-44EA-A282-13DBD7039F1C}" = Photo Common
"{86CAC8DE-288A-410D-A4A4-0190060E69AE}" = Raccolta foto
"{86F56921-A690-4FD8-87B6-7BEAC39D2500}" = Photo Common
"{870B61C1-8F1B-44E2-8BF5-5F1B8351BA5A}" = Windows Live Writer
"{87A82E0C-03BE-4574-A88E-CAAD8819A4A9}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89DCA982-BA73-4379-9786-F3CA431FF6AD}" = Fotogalerija
"{8A05A5FC-339B-434E-B46E-B74A5D5E1BDB}" = Fotogaléria
"{8AB3FBDE-CCF7-4055-98EF-A1FBC7B661E9}" = Movie Maker
"{8BE01561-9570-47E3-8B7F-D6A80005B970}" = Windows Live Essentials
"{8C5935EF-ECAD-4323-99B8-67AB6163D4D2}" = Photo Common
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E2E1D4E-1F96-4361-9A69-0F513E3A4A25}" = Windows Live Messenger
"{8E5146B4-EC6A-4C5D-82B7-30F825FF1A91}" = Windows Live Writer Resources
"{8EEED220-D348-4F49-8C82-B11F6C5450C7}" = Movie Maker
"{8F16159F-116C-4EC1-944C-DE491C8FFA4A}" = Windows Live Messenger
"{9034CF8C-8864-4405-B7DD-38BB16209880}" = Windows Live Writer
"{90B936B2-33E6-4FE8-9A64-08EEB42AF2B1}" = Podstawowe programy Windows Live
"{9268DD4E-72A7-410D-A6EC-DF510C1E4989}" = Windows Live Messenger
"{92C0275C-86EA-4FA4-86E3-7C90C6F640F2}_is1" = Mafia II Kompletní Edice verze 1.4
"{93DE5374-7719-45D5-A989-0889D792569C}" = Windows Live Writer
"{954FC3E4-61C1-43BC-AB13-F0CCF145716D}" = Windows Live 程式集
"{959BC6D1-38C8-441F-9466-9ECCD4E68413}" = Galería de fotos
"{96AA21F4-C8CE-4380-995A-992536463263}" = Galeria fotografii
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97373E60-D071-418A-87F1-A969EEEEBDAC}" = Windows Live Essentials
"{976BD361-BD7C-49D5-8423-3E98DD480E1F}" = Windows Liven peruspaketti
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help
"{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker
"{98994720-A230-4F45-875C-AD56E28448F1}" = Windows Live Mail
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3997FD-359F-42B9-9C6F-82B8378BAAD8}" = Windows Live UX Platform Language Pack
"{9AC00E00-8C6F-4456-BE8D-56E9A4106CB1}" = Windows Live Writer Resources
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BC2BB12-8EB4-43D9-97D0-FE1BFCD25903}" = Windows Live Messenger
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC77921-F397-43AE-8CA2-EDD0982BA25A}" = Windows Live Writer Resources
"{9D4E75DB-519C-4A25-B8D1-97FB673E50C5}" = بريد Windows Live
"{9E999C62-72A5-4A15-B4F4-37731062030A}" = Windows Live Messenger
"{9F255ECE-A887-442C-A48C-61BD6BAE5559}" = Movie Maker
"{9FB5E2F2-510A-4D1D-AE5A-82EC382A5D8C}" = Galerija fotografija
"{A0080F8F-06D3-4409-8148-59D53EE1CF25}" = Windows Live Essentials
"{A013F3E3-5F8E-43E0-BBCE-BA76F69E457B}" = Windows Live Messenger
"{A15FF85A-065C-4138-A934-113FDF8691EA}" = Windows Live Essentials
"{A18C79C7-3D5D-457A-9C89-8B5F78F1FE56}" = Windows Live UX Platform Language Pack
"{A29F0905-84B3-4D7C-8987-0F402BF1E78E}" = Windows Live Mail
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A35223E2-05BB-44D3-83A3-AF15C7ACD38D}" = Windows Live Writer Resources
"{A399BFB9-2588-4903-B9E2-4F454BC0670D}" = Windows Live Messenger
"{A3E2CF81-515B-4881-8F21-95B3B2F24A15}" = معرض الصور
"{A45B1FCC-C091-45F7-90DB-967421945319}" = Windows Live Messenger
"{A4A06F18-206F-476C-9D57-E272B446B09C}" = Galerie foto
"{A4C39979-BBCA-4781-AE37-DDDE679E1F74}" = Windows Live Writer Resources
"{A5163E8D-19B6-4AFD-A43B-9723A1796AE3}" = Windows Live Messenger
"{A59DA39F-305C-44A0-9747-0646A31394CA}" = Windows Live Essentials
"{A5D8B1C2-4B2E-42F1-ADB4-D0308A4F5C6F}" = Windows Live Writer
"{A61E1C37-814A-42D8-8CF6-E49D729A4A9B}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A929A7EA-4DFB-48F9-AAF6-C880DF64FB73}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA04DFE7-C921-43AD-9A70-595DE6C5A881}" = Valokuvavalikoima
"{AA573301-DDE1-410A-9492-89CD5D76CD94}" = Windows Live Writer
"{AAA96570-FD87-4E07-87C6-7B3FA40A00A9}" = Windows Live Mail
"{AAC1C6D9-6EB3-4E76-9692-BD065BD68901}" = Windows Live Mail
"{AAFCCC4E-587E-4493-9C11-AB75F208CF1B}" = Windows Live Writer Resources
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1051-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Slovak
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AEBE7912-AA50-42EB-BBDA-AB352C4D8FAA}" = Movie Maker
"{AFDA5989-2057-4388-A208-576D65024AD4}" = Windows Live Writer
"{AFDCB551-9506-41FB-ADBD-678321A0E5F6}" = Windows Live Mail
"{AFFBC271-AA8F-4908-BEAE-491B96AC57C4}" = Windows Live Mail
"{B0E87EA7-D9E5-4E5A-ADF5-302C3813CF10}" = Windows Live Writer
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B23B230A-F9CD-4B6C-9202-24257A549CBB}" = Windows Live Writer Resources
"{B25D84F2-16D6-42BB-BF24-158C7676D0B6}" = Windows Live Mail
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{B2A814DF-B976-438D-92D0-54B53281F27F}" = Windows Live Writer Resources
"{B410D843-920F-41AB-AE7F-F0C67498C113}" = Windows Live UX Platform Language Pack
"{B417B07D-3373-458A-A431-0F7E3742F182}" = Почта Windows Live
"{B6829511-95BB-46FC-9030-957D54B8EFE2}" = Windows Live UX Platform Language Pack
"{B690AA36-1F69-469A-92DC-256688BD2568}" = Windows Live Mail
"{B767B935-0E5F-4FF9-B758-71253603D93E}" = Windows Live Messenger
"{B8292FC1-3D39-43A0-B65B-BADDA11151FB}" = Windows Live Essentials
"{B89EE842-D398-4EAC-A3DF-47280B285DD9}" = Windows Live Mail
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{B997C04C-DEED-4D49-8CEC-0EF040DF20CB}" = Photo Common
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{BB8C0B7D-95DE-4526-85C8-ADF71D66F279}" = Windows Live Messenger
"{BD864768-6E1F-4053-AC66-5DC5BC8958E6}" = Windows Live Writer
"{BD907BBE-3C60-4F5B-96C0-9F9D23890810}" = Photo Common
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BECFE8E0-4171-4562-8ED4-CBC4594204C9}" = Windows Live UX Platform Language Pack
"{BFC0D53D-3B7F-42FF-9159-3821B593A0B7}" = Windows Live Mail
"{BFFEB021-90EF-47FB-A9E2-1AB13B36A04B}" = Windows Live Writer
"{C2CDACDF-EC5C-4F9F-B2D7-D6486CFAAD58}" = Fotótár
"{C33EA3F2-015B-48EE-A3ED-AFFDDC19E74A}" = Windows Live Messenger
"{C50ECBA4-CD35-47E6-B0A9-D22C8045B1F7}" = Windows Live Messenger
"{C5335524-82F2-4C78-8A86-7B44AD1946FB}" = Windows Live Essentials
"{C60589D9-9881-4ED8-AF7B-1F955542381F}" = Photo Common
"{C782709A-0F72-4BCF-961B-3F40E2619A32}" = Windows Live Mail
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CB11603E-C53E-4690-B73E-BC6E1317796B}" = Movie Maker
"{CBB00A31-1E0F-458C-BA15-0BAFF0567772}" = Windows Live Mail
"{CCDB7ADB-1643-4C30-B39D-1562CFE51420}" = Movie Maker
"{CD8F936D-7BA3-4902-B0A0-7D96C69E1193}" = Fotogalleriet
"{CDA04BEC-2F20-4E3C-A0E0-D75C8DE255D8}" = Windows Live Writer Resources
"{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}" = Nero Burning ROM
"{CFDA5476-639A-45B9-AEA3-C8D6CD92B414}" = Windows Live Writer
"{D0873221-A48B-4A2F-9D34-5F0C21725CF5}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D296620B-C85E-4890-A9B3-197A521B3457}" = Photo Common
"{D436D212-1381-485A-BE46-32E1E2A95D98}" = Windows Live UX Platform Language Pack
"{D48BCCD6-D2E2-42F4-B8E8-D7BC10C568EC}" = Windows Live UX Platform Language Pack
"{D4C1DC3F-F1C4-4DAB-9DF9-73741965AB8E}" = Windows Live Essentials
"{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common
"{D555C389-F793-443A-B012-A3D70590CF3D}" = Windows Live Writer Resources
"{D6C0EDA5-7E06-4F01-895D-B08BBE82AC82}" = Windows Live Mail
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{D775D71D-C54B-41AE-97C2-EDEEBCA4FFCF}" = Windows Live Messenger
"{D77A6FED-256C-4E2F-9873-59C92C854A4E}" = Photo Common
"{D969C468-FCB8-4BFF-A480-33C0A6F7EA64}" = Windows Live Mail
"{DA22811F-4A83-4FE3-959F-1F26B64BA54B}" = Windows Live Writer
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{DB55AFF5-B83E-43A9-8D48-903D2FB0FBB8}" = Movie Maker
"{DB5D7E49-A671-4FCD-9708-3B2BC93DA995}" = Windows Live UX Platform Language Pack
"{DC2CB432-D3B9-4F81-8ACB-7775FD5202E5}" = Photo Common
"{DCCC9E33-B234-42D9-9321-F1B961D3568F}" = Windows Live Messenger
"{DDDC459A-9197-40D6-A4A4-83C46A702550}" = „Windows Live Messenger“
"{DE4E45CB-BA8F-4D82-81DA-22E93E522053}" = Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DF6478C8-7643-4E80-8077-3D51614A3DBA}" = Movie Maker
"{E044491E-D6E6-48C5-A5CC-BBFA96F19246}" = Windows Live Writer Resources
"{E0970F37-1FFF-46D9-B2EB-43F2E1F01814}" = Windows Live Mail
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E11BBB8C-AF78-4188-A429-74F7A51C5486}" = Windows Live Writer
"{E13586CB-4E3A-41D3-BE97-2DA9C86CE6E9}" = Windows Live Writer Resources
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E195A4C0-2684-467D-B7DC-E82D5C8310A2}" = Windows Live Writer
"{E1B7239A-120F-4676-9B19-D2B028BEBDD1}" = Windows Live Essentials
"{E1DA4302-1C06-4533-AF6D-9D68B01FCB34}" = Movie Maker
"{E34D85BE-A74F-4D30-9E4F-C250AFE970A2}" = Windows Live Writer
"{E3B75D04-2C2B-4423-8800-BF8BF345E504}" = Photo Common
"{E48271CD-6325-41A0-A5B8-593CC01DA131}" = Movie Maker
"{E48B3EBF-0CEC-43AB-AC12-B36439ABE14C}" = Movie Maker
"{E51363F9-BA22-4069-A5CB-B17A9EB06BB9}" = Windows Live UX Platform Language Pack
"{E5AB071E-70C4-4489-81CC-03A2C56E24CE}" = Windows Live Writer
"{E5E19577-2ECC-4C8E-A342-79D160A06097}" = Windows Live UX Platform Language Pack
"{E60D9CA8-14A6-4F56-BA12-D9D8C8004E09}" = Windows Live Messenger
"{E6B296EB-09A3-45A9-8580-949E28622E5B}" = Windows Live Essentials
"{E8F373BC-AAE2-4DC7-9853-B6A83CC88793}" = Movie Maker
"{E9CA6D2F-30AF-48DB-8B29-6593AA68D61B}" = Windows Live UX Platform Language Pack
"{E9E878AA-FF39-43EF-BDFE-01C17A0DD490}" = Windows Live Writer Resources
"{EA53D435-3740-4513-A519-484D2BF659FA}" = Windows Live Writer Resources
"{EAE21C98-7208-46B6-A10F-9317E1AA63F8}" = Windows Live Messenger
"{EBFCBD05-77A3-4FC3-A6D2-27218B61D957}" = Windows Live Essentials
"{ECDAE6DC-6198-4102-96A7-29DA1085B79D}" = Windows Live Messenger
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F00A825A-2FDF-4569-BAF4-823EA08D775B}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0DA672E-15DB-4413-BE2D-887DD1513607}" = Windows Live Writer
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CE08B9-2D76-40A3-8BE8-342FC15D62F6}" = Pošta Windows Live
"{F2D28001-14A6-4A8C-96A1-DB638CACC9FA}" = Windows Live Writer
"{F3EECDE9-68D3-404D-A29B-9DFC72FE48F0}" = Windows Live Messenger
"{F47B3C23-A897-4E91-B965-89B3303EBCA4}" = Windows Live メール
"{F5153DD9-B31E-48DA-BBB3-34E9428DA84B}" = Movie Maker
"{F589F1FD-0876-41BA-A5A5-BBF2FF109C77}" = Windows Live Writer
"{F853F496-6AE9-40C9-96B2-78EF40881C3E}" = Windows Live Messenger
"{F86A4F2E-3006-49A2-BDFC-77AD9BB167D4}" = Fotoattēlu galerija
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9328515-878F-4AB9-A113-104DD1A1F6EB}" = Photo Common
"{F9E241E1-4C26-4B63-AF6F-0E2CBB62F537}" = Windows Live Writer
"{F9E652C8-88D6-4056-B00A-DC3E4529A421}" = Windows Live UX Platform Language Pack
"{FA2056CD-649B-4CB8-B180-61BF1C20E222}" = Photo Common
"{FB76A294-A78A-4356-87C7-31F0278DF4FB}" = Windows Live 필수 패키지
"{FC278470-09B6-4F42-A84A-58BAB03CA422}" = Windows Live Mail
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FDF614F8-710F-4C28-A90F-07A9BC82774D}" = Windows Live UX Platform Language Pack
"{FE58D81E-30CE-4C73-9A52-28E886B62B91}" = Windows Live Writer Resources
"{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos
"{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}" = Junk Mail filter update
"{FFA276E9-E93B-409B-8961-5F083B0A3794}" = Windows Live Writer
"AC3Filter_is1" = AC3Filter 2.5b
"Counter-Strike 1.6" = Counter-Strike 1.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"LowRateVoip_is1" = LowRateVoip
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Metro Last Light_is1" = Metro Last Light 1.0.0.2
"Need for Speed Most Wanted 2012_is1" = Need for Speed Most Wanted 2012 v1.0.0.0
"PunkBusterSvc" = PunkBuster Services
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2088791548-2596210193-3422292274-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14/08/2013 03:03:09 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14/08/2013 03:03:09 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1094

Error - 14/08/2013 03:03:09 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1094

Error - 14/08/2013 03:03:10 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14/08/2013 03:03:10 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2172

Error - 14/08/2013 03:03:10 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2172

Error - 14/08/2013 03:03:11 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14/08/2013 03:03:11 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3203

Error - 14/08/2013 03:03:11 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3203

Error - 14/08/2013 03:03:12 | Computer Name = Marcel | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 17/08/2013 04:02:47 | Computer Name = Marcel | Source = Service Control Manager | ID = 7001
Description = The Workstation service depends on the Network Store Interface Service
service which failed to start because of the following error: %%1068

Error - 17/08/2013 04:02:47 | Computer Name = Marcel | Source = Service Control Manager | ID = 7001
Description = The SMB MiniRedirector Wrapper and Engine service depends on the Redirected
Buffering Sub System service which failed to start because of the following error:
%%31

Error - 17/08/2013 04:02:47 | Computer Name = Marcel | Source = Service Control Manager | ID = 7001
Description = The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector
Wrapper and Engine service which failed to start because of the following error:
%%1068

Error - 17/08/2013 04:02:47 | Computer Name = Marcel | Source = Service Control Manager | ID = 7001
Description = The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector
Wrapper and Engine service which failed to start because of the following error:
%%1068

Error - 17/08/2013 04:02:47 | Computer Name = Marcel | Source = Service Control Manager | ID = 7001
Description = The Network Location Awareness service depends on the DHCP Client
service which failed to start because of the following error: %%1068

Error - 17/08/2013 04:06:01 | Computer Name = Marcel | Source = DCOM | ID = 10005
Description =

Error - 17/08/2013 04:06:01 | Computer Name = Marcel | Source = DCOM | ID = 10005
Description =

Error - 17/08/2013 04:06:21 | Computer Name = Marcel | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 17/08/2013 04:15:54 | Computer Name = Marcel | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 17/08/2013 04:46:15 | Computer Name = Marcel | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

< End of report >

#13 Příspěvek od **vyosek** » 19 srp 2013 22:57

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes\{BDED8663-1C27-42B7-86E4-0B859B2832B9}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
IE - HKLM\..\SearchScopes\{BDED8663-1C27-42B7-86E4-0B859B2832B9}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.search.yahoo.com?type=114576&fr=spigot-yhp-ie
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\..\SearchScopes\{2A97684D-EE44-489B-A131-AF7E7656A75D}: "URL" = http://uk.search.yahoo.com/search?fr=ch ... =512435&p={searchTerms}
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{3e35f77f-0724-11e3-be9c-0cd2923ddab4}\Shell - "" = AutoRun
O33 - MountPoints2\{7ee7fe7f-f07f-11e2-be7b-0cd2923ddab4}\Shell - "" = AutoRun
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Inf\Intel Storage Counters\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0000\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0000\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0001\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0001\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0005\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0005\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0006\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0006\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0007\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0007\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0008\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0008\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0009\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0009\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000A\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000A\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000B\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000B\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000C\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000C\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000D\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000D\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\000E\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\000E\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0010\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0010\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0011\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0011\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0012\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0012\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0013\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0013\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0014\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0014\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0015\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0015\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0019\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0019\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\001D\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\001D\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\001F\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\001F\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0404\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0404\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0416\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0416\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0804\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0804\*.tmp -> ]
[1 C:\Windows\Inf\Intel Storage Counters\0816\*.tmp files -> C:\Windows\Inf\Intel Storage Counters\0816\*.tmp -> ]
[2 C:\Windows\Panther\*.tmp files -> C:\Windows\Panther\*.tmp -> ]
[1 C:\Windows\RE_DRIVE\RECOVERYCD_ISO\RECOVERY_DVD\*.tmp files -> C:\Windows\RE_DRIVE\RECOVERYCD_ISO\RECOVERY_DVD\*.tmp -> ]
[1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\WinSxS\*.tmp files -> C:\Windows\WinSxS\*.tmp -> ]
[2013/08/19 08:32:58 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/08/19 11:16:04 | 000,000,956 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

iasak1982 · #14 Příspěvek od **iasak1982** » 20 srp 2013 09:10

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BDED8663-1C27-42B7-86E4-0B859B2832B9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDED8663-1C27-42B7-86E4-0B859B2832B9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BDED8663-1C27-42B7-86E4-0B859B2832B9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDED8663-1C27-42B7-86E4-0B859B2832B9}\ not found.
HKU\S-1-5-21-2088791548-2596210193-3422292274-1002\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-2088791548-2596210193-3422292274-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2088791548-2596210193-3422292274-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2A97684D-EE44-489B-A131-AF7E7656A75D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A97684D-EE44-489B-A131-AF7E7656A75D}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e35f77f-0724-11e3-be9c-0cd2923ddab4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e35f77f-0724-11e3-be9c-0cd2923ddab4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ee7fe7f-f07f-11e2-be7b-0cd2923ddab4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7ee7fe7f-f07f-11e2-be7b-0cd2923ddab4}\ not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFE19.tmp\Microsoft.PowerShell.Commands.Diagnostics.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFE19.tmp folder deleted successfully.
C:\Windows\Inf\Intel Storage Counters\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\tmp90E3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0000\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0001\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0005\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0006\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0007\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0008\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0009\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\000A\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\000B\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\000C\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\000D\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\000E\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0010\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0011\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0012\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0013\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0014\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0015\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0019\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\001D\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\001F\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0404\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0416\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0804\tmp90C3.tmp deleted successfully.
C:\Windows\Inf\Intel Storage Counters\0816\tmp90C3.tmp deleted successfully.
C:\Windows\Panther\_s_4EAD.tmp deleted successfully.
C:\Windows\Panther\_s_53D0.tmp deleted successfully.
C:\Windows\RE_DRIVE\RECOVERYCD_ISO\RECOVERY_DVD\MasterHDD.tmp deleted successfully.
C:\Windows\Temp\CR_B075F.tmp folder deleted successfully.
C:\Windows\WinSxS\Reserve.tmp deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: marce_000
->Temp folder emptied: 9231426 bytes
->Temporary Internet Files folder emptied: 7557140 bytes
->Google Chrome cache emptied: 399020488 bytes
->Flash cache emptied: 1234 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 84480 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2317482 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 97385 bytes
RecycleBin emptied: 1531964 bytes

Total Files Cleaned = 400.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: marce_000
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: marce_000

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 08202013_090420

Files\Folders moved on Reboot...
C:\Users\marce_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#15 Příspěvek od **vyosek** » 20 srp 2013 09:17

OTL udelalo co melo, jak se chova PC

VIRY.CZ

SpomalenyStart,WINrobi vsetko spomalene-prosim o preventivku

SpomalenyStart,WINrobi vsetko spomalene-prosim o preventivku

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent

Re: SpomalenyStart,WINrobi vsetko spomalene-prosim o prevent