VIRY.CZ

Dobry den, notebook lenovo, po otvoreni chrome zacnu bezdovodne vyskakovat okna zo strankami, uz som aj vymazal udaje z chrome a stale to iste. Dik za pomoc

Zdravim

Jelikoz vestit zatim jeste moc neumim, dejte nejprve log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-07-12 10:54:54
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 384 GB (81%) free of 477 GB
Total RAM: 3662 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:54:58, on 12. 7. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lenovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... l&tsp=5282
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0058362 - {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-825478306-3476294081-1402375209-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-825478306-3476294081-1402375209-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5841107-6E9C-42AD-91AA-A66A7B8FD3AA}: NameServer = 213.151.222.34 85.237.225.250
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\[ProductName]\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14231 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5b02e689-3964-40d7-9956-2f643e3467cb -SystemEventPortName:HostProcess-ce5adf92-c4dc-400f-83b4-ea9c8e32254b -IoCancelEventPortName:HostProcess-e206beb5-44c4-4d32-8d80-ddab26a43ce2 -NonStateChangingEventPortName:HostProcess-abdbec3d-442a-4402-9257-26296081e235 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ab7e6850-7da5-441f-a556-521e021bd3e2 -DeviceGroupId:
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 28709536
\??\C:\Windows\system32\conhost.exe "-1133235896-117723874211501222191905361481242671895176029758-14386629701364915101
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {F4F7441D-12BF-4581-8D90-074A30560D4F}
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\[ProductName]\x86\ekrn.exe"
"C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.exe" /MOHYIrHi='Plus-HD-V1.4' /VfCGMdq=58362 /WtlIEFW='001647' /RRJIG='0' /DcwwPn='0' /oRrfx=C745453E237D4FBFBFBFB0B03C1163B9IE /WonPJ=723b2d281fca457c7e468d7371fd8697 /GcGKlW=1_34_06_10 /beJphyyzq=1.34.6.10 /SrUACq=1403260702 /bpxYPwyck=http://stats.datademoserv.com /zUfmGQZ=http://errors.datademoserv.com /jOsVCNF=http://js.datademoserv.com /PnFerMHZ=ch /dSFzhUjCy /JYExdfsp='nova' /BtAzE=http://js.clientdemocloud.com /tLgnC='{"asw":[0, 33554497]}' /Vtjaxe='http://update.datademoserv.com/novarun/ ... pdate.json' /ihVWbkIr='task' /kpimP=''
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
C:\Windows\system32\valWBFPolicyService.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
"C:\Windows\System32\hkcmd.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\[ProductName]\egui.exe" /hide /waitservice
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe" servicemode
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-14947305791249843222-1771359678949277694-182242238610966555771162230825-2021557360
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5952.0.845485358\1414046721" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2843 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5952.3.313451948\868447986" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group10 pct:1a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/OmniboxBundledExperimentV1/QueryBoundaryControl_Stable_R6/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5952.4.1419601003\606736219" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group10 pct:1a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/QueryBoundaryControl_Stable_R6/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5952.15.1017477687\1955147043" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group10 pct:1a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/NetworkConnectivity/disable_network_stats/OmniboxBundledExperimentV1/QueryBoundaryControl_Stable_R6/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_57/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/group_01/UMAStability/SeparateLog/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="5952.17.287920632\340866180" /prefetch:673131151
"C:\Windows\system32\cmd.exe"
\??\C:\Windows\system32\conhost.exe "-1493160245991403302-570204395-1381217759841308074-1150359442060801897185006614
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\AUDIODG.EXE 0x4fc
"C:\Users\Lenovo\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1.job - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-codedownloader.exe /NTzZYl /ihVWbkIr=task /MOHYIrHi='Plus-HD-V1.4' /VfCGMdq=58362 /WtlIEFW='001647' /RRJIG='0' /DcwwPn='0' /oRrfx=C745453E237D4FBFBFBFB0B03C1163B9IE /WonPJ=723b2d281fca457c7e468d7371fd8697 /GcGKlW=1_34_06_10 /beJphyyzq=1.34.6.10 /SrUACq=1403260702 /bpxYPwyck=http://stats.datademoserv.com /zUfmGQZ=http://errors.datademoserv.com /jOsVCNF=http://js.datademoserv.com /PnFerMHZ=ch /BtAzE=http://js.clientdemocloud.com /PtljuE /tLgnC='{"asw":[0, 33554497]}' /Vtjaxe='http://update.datademoserv.com/ie_code_ ... pdate.json' /ihVWbkIr='task' /kpimP=''
C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11.job - C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-11.exe /RQVexrN=ogn1+VtrIbrg67kX/U59LyqykvKHrgLN8on7g7nQ7gi88hrgUchKhcL/4IjlT5KcHqXOj9yY5r3gEXJtXbMfUD9gSB9pH3rgQe0fr/Xklw7q8weig62uFP1VrzR2x7qkxJTmIz7CxHxiMAqpgU4zCBJo9DFDmelesCtuVsI7GO06XP4TjhvLumw2axuDERvqWgAzD34CRhXegHkqUket8PZJmmiK9iVRo+w0t2n0lrzVBFkUPd37bLCYfOts+FCC+Z9ix169F8xxKvmYmW5xdFYyGVFNO5oSJJnpdvBbU3QKbfm9/Ph1wPIcXeZQcslyQnwxGwPFP3BBV65b7B+lzR8EEnBMgesTeplDLhbCUVfk5dQFd+MI5xZCaTMLQ6+ArNQ3rKFaxQ5yqcdpeJseUn6How1+fVQ/ZoP6jQqUITHI9tG2ylWFSQruMWjZ4PPEL8TQMPkOeyPVIdjjBmonLo7MjnoFSEiohdHjiaSsvmnm3Xdge9uv3HSzUf8PO2IGQ8k3qfQcqEou6U4xNfvW2efHld4LVO78zv5jJytZ3FcPfB3iMLN+w9YjN4IHNor+Ix/+uWyzVWOIRvU4gEL/55hU13ZahQlz9Ugan9WWqPpe7eyw1CuwzhI/AA8R81fuQi/ckYLRFMlggvV/EqOAYmldwD3dzyuI4EYGgJIVPsmJDjoX+sIg1yOdmnBQC1dQU8icwDa0n4bZDzTbEz9cQBl8rDJmYGW20F0agNGM+sqdIDwQEVSgIIeE7G2Q6J+t4vTEIpSfuxuRF+2gdGPl+Tx7fFxR9k3R4WBdy4G9KXVSqjVv8xzRvfU82IMGSTQwYzilXai6cwkiI6yk1zx06SnSNk1nwvuqHsUppn2yePZVQglphUnX9g3oqbp1NvEyWuelwWbl/8qkxReNUZrMUtJAELA06wDbuiV/ipCIGkunXfC0cryBNcUIoYCnCvR3jFasIMZ0dwvID+LKTVL5ERIJ5KUUOA+vkOnRpk3jBvlp2Y+TBuD9CVUAckiVSqGfwuuy/18IH77prey5flzboHLfmft/5xqyxokq/536kcIfuGFNFc/+Adob7qOaaiB8XWPBdWat3QxTErBfKf25+Vo+OYYqwWt3nI91+jqEZ/tHQZO1aBsp6Ey+0m9n60ZPWg8NhDSrpVGpwQqikrUNH498xR4Ek9/vTXl7gBGcIQc1M3aZIpFWhbmlYLDzvu28yLOvb7BVMud9XGCBgGy9/YrtlfHctmwocRtKtWdb/2v32UT2Vv4AaacqQcYH71aRYbruYJIpSTqcSMmKADluicVVqIWijg2XO6MlT4dtU1SwFWROEisIkjZeTYFKHrX0Dr1ieE+XRXKf9Q69Gp5coT6BYw/7D/yjfDDFFTKOon+wucMzrErQ8QC/Em8Iv8pnxXG53vES4rgyivcpG0Ax2yNfNzp22nNJlOweFhSJtn81CHXHTDxgvJZ+5eEMt1T1DwEjN2PytAd8OlSDznkL4T7K1RFuyvoz3nVNTluj4/xvMpq2oLBg4o1tUxqpA9zPBhBs4K7sizNpenmkSKAzkILGSp+HKK87BR3AqoXTYdNypuqLFL3ydFMpzMEySaNAWiyR0bxC4hDykjvK2ppKUI1FGCrwkKGMQuPrvuabqwjrIOKUbrGLxjGmn9JDc6TmWxO+J2FhyqTPRuV4jOoZguUBGmCxjoqaSQ+xf8WaTR0=
C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2.job - C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-2.exe /ntHXI /MOHYIrHi='Plus-HD-V1.4' /VfCGMdq=58362 /WtlIEFW='001647' /RRJIG='0' /DcwwPn='0' /oRrfx=C745453E237D4FBFBFBFB0B03C1163B9IE /WonPJ=723b2d281fca457c7e468d7371fd8697 /GcGKlW=1_34_06_10 /SrUACq=1403260702 /bpxYPwyck=http://stats.datademoserv.com /zUfmGQZ=http://errors.datademoserv.com /WexDOwp=11111111-1111-1111-1111-110511831162 /PnFerMHZ=ch /IkwgkIx /PtljuE /Vtjaxe='http://update.datademoserv.com/ie_enabl ... pdate.json' /ihVWbkIr='task' /kpimP=''
C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3.job - C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-3.exe /RQVexrN=OAsjyZnoD62Gu1UoJCLswROIR+WlpCtJvGEvH0u8S2QwwKBvSCijAxT/pkC2zQBBuz8VSzxSbIEep1fefQZkShfSnk8JoAO627YGroNL4Ej440TeFgqD1ArxpXcK/PpuxHHxMcaUt1QcKoE0hNmncPdNSwxpx5S1wZCqVqZsS6FPN0N+IiBIcaHSjJkXvU+/qv3wgeD0w4Vuu6mlYESzEJXWKknyZoCux4RLFNGWgTBSif2Vf+9fidy36OdnBOcupMmxQtYu0Twu9Q695+xKK2s3X7Su2iALXqCqAFiaY65B9OhM2gZ9+tFKxatFNTRyROfamwxpeb6SMM++zZzXyEPuG3yDg+02kqqaPOq/0uaW8O3YTU7rELSQVmHIjy+24pFTAA/OyMfNsp0CeRtvyPGUQ7x4K6v5OcmSyGAs9IE+7eh13mRD5/wdEf9IV63Z0I5VCib3i17+lp8XUfYSFlp/ZymTKF/KwZuk4n2dS1WBvUrygcd7cGk+ja9Ooa/pHNpzGSqYRSZUXfVyF7WvyeN8AH2kkWpz3rNNIxK6pxG1MdfCZ/0Hb/qGnuAWUjDp8U4/uVrhghUVj3b1WMtzUuG32z8o+JBZr6A7QQTr/zkVdTEWsZzgQa0b2q8FTGCLMwBl8BmtoEUqGpBv2di1KJnhGHNWcY0KzH4V7PUQGta7a/oBqsbmka/KBZtFECfqEeKjwfwvXIQzswtoNbiYBYNKf+koEpKeZDF76qRPtfViNQGEIpgnx7WDIy3FkqsTXNHObiAcdHigwPCIVzII7fITDTbegiWGSz6Fjxlm1DW0a1deC6cnsUKCz+rMnphRXt2XE0U79Op/jjL7VShvNSe467ZVLcqvfA/yHPiDaaiukHM/2L23QKz/6/ZqTdc60GluhE8yJNnWTOS2Z9YKCdXqUvvVP3OkBAyUP7dm7BqRGkJEe07wH6WAtct12MQvd+VlSJ9O3MlBu+i7hIqqTCzVenJFggQswjg0LgqP97OtdE+slPbAcA54WyU8iN5B
C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4.job - C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-4.exe /gbXmTT /MOHYIrHi='Plus-HD-V1.4' /DUQSN='C:\Program Files (x86)\Plus-HD-V1.4\58362.xpi' /VfCGMdq=58362 /WtlIEFW='001647' /RRJIG='0' /DcwwPn='0' /oRrfx=C745453E237D4FBFBFBFB0B03C1163B9IE /WonPJ=723b2d281fca457c7e468d7371fd8697 /GcGKlW=1_34_06_10 /beJphyyzq=1.34.6.10 /SrUACq=1403260702 /bpxYPwyck=http://stats.datademoserv.com /zUfmGQZ=http://errors.datademoserv.com /eqnEkZn=300 /jezWgFV=508d4e2f-a469-421d-a294-135dbb84fe1b@f7b17943-cc9e-4d4a-b223-0bd1e7cfc871.com /fcBQxj=0.94 /zILAMShzS=a508d4e2fa469421da294135dbb84fe1bf7b17943cc9e4d4ab2230bd1e7cfc871com58362 /NkLtWVr=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /58362.rdf /JtkxpVf='Plus-HD-V1.4' /LrLNasUFR='Turn YouTube videos to High Definition by default' /Zoero='Plus HD' /PnFerMHZ=ch /tLgnC='{"asw":[0, 33554497]}' /PtljuE /XYJVwf /ENFIVrqO /Vtjaxe='http://update.datademoserv.com/ff_agent ... pdate.json' /ihVWbkIr='task' /kpimP=''
C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5.job - C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-5.exe /qNJbEGH /MOHYIrHi='Plus-HD-V1.4' /VfCGMdq=58362 /WtlIEFW='001647' /RRJIG='0' /DcwwPn='0' /oRrfx=C745453E237D4FBFBFBFB0B03C1163B9IE /WonPJ=723b2d281fca457c7e468d7371fd8697 /GcGKlW=1_34_06_10 /SrUACq=1403260702 /bpxYPwyck=http://stats.datademoserv.com /zUfmGQZ=http://errors.datademoserv.com /BWiJMzF=http://ipgeoapi.com/ /dNXmo=http://update.datademoserv.com /OlMQlH=2 /mlQJY=http://logs.datademoserv.com /Vtjaxe='http://update.datademoserv.com/updater_ ... pdate.json' /ihVWbkIr='task' /kpimP=''
C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6.job - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-novainstaller.exe /YxbitnECo /MOHYIrHi='Plus-HD-V1.4' /VfCGMdq=58362 /WtlIEFW='001647' /RRJIG='0' /DcwwPn='0' /oRrfx=C745453E237D4FBFBFBFB0B03C1163B9IE /WonPJ=723b2d281fca457c7e468d7371fd8697 /GcGKlW=1_34_06_10 /beJphyyzq=1.34.6.10 /SrUACq=1403260702 /bpxYPwyck=http://stats.datademoserv.com /zUfmGQZ=http://errors.datademoserv.com /jOsVCNF=http://js.datademoserv.com /PnFerMHZ=ch /dSFzhUjCy /JYExdfsp='nova' /BtAzE=http://js.clientdemocloud.com /tLgnC='{"asw":[0, 33554497]}' /ihVWbkIr=task /Vtjaxe='http://update.datademoserv.com/novacode ... pdate.json' /ihVWbkIr='task' /kpimP=''
C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7.job - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.exe /MOHYIrHi='Plus-HD-V1.4' /VfCGMdq=58362 /WtlIEFW='001647' /RRJIG='0' /DcwwPn='0' /oRrfx=C745453E237D4FBFBFBFB0B03C1163B9IE /WonPJ=723b2d281fca457c7e468d7371fd8697 /GcGKlW=1_34_06_10 /beJphyyzq=1.34.6.10 /SrUACq=1403260702 /bpxYPwyck=http://stats.datademoserv.com /zUfmGQZ=http://errors.datademoserv.com /jOsVCNF=http://js.datademoserv.com /PnFerMHZ=ch /dSFzhUjCy /JYExdfsp='nova' /BtAzE=http://js.clientdemocloud.com /tLgnC='{"asw":[0, 33554497]}' /Vtjaxe='http://update.datademoserv.com/novarun/ ... pdate.json' /ihVWbkIr='task' /kpimP=''
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511831162}]
Plus-HD-V1.4 - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho64.dll [2014-06-20 735552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-06 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-11-20 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-06 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511831162}]
Plus-HD-V1.4 - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho.dll [2014-06-20 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2012-06-14 887968]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-05-31 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-06-18 11586944]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-26 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-26 441152]
"IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2012-08-23 4805936]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-11 3015408]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384]
"egui"=C:\Program Files\[ProductName]\egui.exe [2013-08-19 5617432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-25 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-12 10:54:54 ----D---- C:\rsit
2014-07-01 19:16:53 ----AS---- C:\Windows\SYSWOW64\lcpmncebxu.exe
2014-07-01 19:16:53 ----AS---- C:\Windows\SYSWOW64\dcgmncebxu.exe
2014-07-01 19:16:52 ----AS---- C:\Windows\SYSWOW64\acumncebxu.exe
2014-07-01 19:16:18 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe
2014-07-01 19:16:14 ----D---- C:\Program Files (x86)\carovny minecraft 1 7 2 exe plna verze
2014-06-25 18:52:01 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2014-06-20 12:38:26 ----D---- C:\Program Files (x86)\globalUpdate
2014-06-20 12:38:25 ----D---- C:\Program Files (x86)\Plus-HD-V1.4
2014-06-18 14:16:49 ----D---- C:\ProgramData\DSearchLink
2014-06-18 14:16:38 ----D---- C:\Program Files (x86)\gravitysensation.com
2014-06-17 19:12:30 ----AS---- C:\Windows\SYSWOW64\lcpmncvfvmdy.exe
2014-06-17 19:12:30 ----AS---- C:\Windows\SYSWOW64\dcgmncvfvmdy.exe
2014-06-17 19:12:30 ----AS---- C:\Windows\SYSWOW64\acumncvfvmdy.exe
2014-06-17 19:12:23 ----D---- C:\Program Files (x86)\Minecraft server [plna verzia funkcna odskusana] pre 64bitove verzie a 32bitove funguje iba na JAVA 7 obsahuje navod ako upravit a je v php suboroch

======List of files/folders modified in the last 1 month======

2014-07-12 10:54:58 ----D---- C:\Windows\Prefetch
2014-07-12 10:54:56 ----D---- C:\Windows\Temp
2014-07-12 10:54:56 ----D---- C:\Program Files\trend micro
2014-07-12 09:24:29 ----D---- C:\Windows\SysWOW64
2014-07-12 09:24:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-12 09:17:37 ----D---- C:\Windows\system32\config
2014-07-12 09:09:06 ----D---- C:\Users\Lenovo\AppData\Roaming\uTorrent
2014-07-12 09:06:12 ----D---- C:\Windows\system32\catroot
2014-07-12 09:06:11 ----D---- C:\Windows\system32\catroot2
2014-07-12 09:06:09 ----D---- C:\Windows\winsxs
2014-07-12 09:04:45 ----SHD---- C:\System Volume Information
2014-07-12 08:59:16 ----D---- C:\Windows
2014-07-12 08:57:01 ----A---- C:\Windows\SYSWOW64\log.txt
2014-07-12 08:53:59 ----D---- C:\ProgramData\Validity
2014-07-12 08:53:57 ----D---- C:\ProgramData\NVIDIA
2014-07-05 17:02:10 ----D---- C:\Windows\inf
2014-07-05 16:48:13 ----D---- C:\Windows\system32\drivers
2014-07-05 16:48:06 ----D---- C:\Windows\system32\WinBioPlugIns
2014-07-05 16:48:06 ----D---- C:\Windows\system32\drivers\UMDF
2014-07-05 16:48:06 ----D---- C:\Windows\System32
2014-07-05 16:48:04 ----D---- C:\Windows\system32\DriverStore
2014-07-03 21:21:26 ----D---- C:\Users\Lenovo\AppData\Roaming\Skype
2014-07-01 19:17:04 ----RD---- C:\Program Files (x86)
2014-07-01 19:16:52 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-06-27 14:35:11 ----D---- C:\Program Files (x86)\WarThunder
2014-06-25 13:03:02 ----SHD---- C:\Windows\Installer
2014-06-25 12:58:29 ----D---- C:\Windows\Tasks
2014-06-22 14:02:30 ----D---- C:\Windows\system32\NDF
2014-06-22 14:00:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-22 13:40:39 ----D---- C:\Program Files (x86)\MINECRAFT 1 7 2 plna hra zdarma
2014-06-22 11:17:58 ----D---- C:\Users\Lenovo\AppData\Roaming\.minecraft
2014-06-21 12:46:55 ----D---- C:\Windows\debug
2014-06-21 12:43:50 ----D---- C:\Windows\system32\Tasks
2014-06-18 14:16:49 ----HD---- C:\ProgramData
2014-06-14 22:55:06 ----D---- C:\Windows\rescache
2014-06-14 20:41:54 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-14 20:41:54 ----D---- C:\Program Files\Internet Explorer
2014-06-14 20:41:53 ----D---- C:\Windows\system32\en-US
2014-06-14 20:41:53 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-14 20:31:48 ----D---- C:\Windows\system32\MRT
2014-06-14 20:29:33 ----A---- C:\Windows\system32\MRT.exe
2014-06-14 20:29:26 ----D---- C:\ProgramData\Microsoft Help
2014-06-14 20:26:19 ----SD---- C:\Windows\system32\CompatTel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-08-20 62136]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-10-23 32544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-07-04 564824]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-04-28 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-04 283064]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-08-20 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-08-20 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-08-20 220232]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-07-03 6059112]
R3 btwsecfl;Bluetooth USB Security Filter; C:\Windows\system32\drivers\btwsecfl.sys [2012-09-19 72056]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\Windows\System32\Drivers\btwusb.sys [2012-10-18 62840]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2012-09-20 1609376]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2014-05-10 87040]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-09-05 54528]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-25 9000256]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-09-28 39200]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-05-16 288840]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-13 726160]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-02-11 31984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-02-11 469232]
R3 vm331avs;Digital Camera 1; C:\Windows\System32\Drivers\vm331avs.sys [2013-03-01 1045248]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-08-20 239320]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2014-05-10 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2014-05-10 98304]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2014-05-10 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2014-05-10 223744]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-18 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-18 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-18 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\[ProductName]\x86\ekrn.exe [2013-08-19 1337240]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-09-05 66344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-20 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-20 166720]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-04-19 127072]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-10 136288]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-20 277824]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-08 15125280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-08 1914656]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-04-19 145808]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-04-19 125504]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-20 365376]
R2 valWBFPolicyService;Synaptics FP WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2014-05-12 47504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2012-06-08 201376]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-20 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 116648]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2014-05-10 655712]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-12 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-26 276288]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-20 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-04 1255736]
S4 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
S4 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Pekne jste si to zasr.. At zije minecraft

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 12. 7. 2014 11:15:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lenovo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,58 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 42,55% Memory free
7,15 Gb Paging File | 4,82 Gb Available in Paging File | 67,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,42 Gb Total Space | 374,99 Gb Free Space | 80,57% Space Free | Partition Type: NTFS

Computer Name: LENOVO-PC | User Name: Lenovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/12 11:12:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
PRC - [2014/06/25 12:58:15 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/20 12:38:44 | 000,593,728 | ---- | M] (Plus HD) -- C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.exe
PRC - [2014/06/05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/10 12:12:35 | 000,655,712 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2013/12/21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/08 22:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/11/08 22:45:42 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/11/08 22:45:41 | 001,224,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/10/23 04:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/08/19 15:08:26 | 001,337,240 | ---- | M] (ESET) -- C:\Program Files\[ProductName]\x86\ekrn.exe
PRC - [2013/04/19 15:30:20 | 000,583,744 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2013/04/19 15:30:20 | 000,125,504 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2013/04/19 15:30:16 | 000,127,072 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2012/10/18 13:42:26 | 000,689,560 | R--- | M] (Ericsson AB) -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
PRC - [2012/07/20 01:00:54 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/20 01:00:52 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/20 01:00:38 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/07/20 01:00:28 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/18 14:32:00 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/06/18 14:31:58 | 001,333,184 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2012/06/18 14:31:48 | 001,095,616 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/06/18 14:31:42 | 000,956,352 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2012/05/21 15:26:26 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/03/14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/01/07 12:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe

========== Modules (No Company Name) ==========

MOD - [2014/06/20 12:38:44 | 000,123,712 | ---- | M] () -- C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.dll
MOD - [2014/06/05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 15:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2013/10/23 12:30:23 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/01/17 14:33:02 | 000,667,648 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/30 11:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/05/12 09:12:16 | 000,047,504 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:64bit: - [2013/11/08 22:47:21 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/09/05 12:12:16 | 000,066,344 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2013/08/19 15:08:26 | 001,337,240 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\[ProductName]\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/19 15:30:20 | 000,125,504 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2013/04/19 15:30:16 | 000,127,072 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2013/04/19 15:30:02 | 000,145,808 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2012/08/23 16:05:12 | 003,342,640 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/08/23 16:04:28 | 000,272,688 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/08/23 16:04:00 | 000,629,040 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/08/23 16:03:14 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/08/23 13:39:38 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/08/10 20:49:38 | 000,136,288 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2012/07/18 00:52:16 | 000,659,472 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012/06/08 17:07:16 | 000,201,376 | ---- | M] (Conexant Systems Inc.) [Auto | Stopped] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/07/12 09:24:26 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/20 12:38:25 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014/06/20 12:38:25 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014/05/10 12:12:35 | 000,655,712 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2014/03/03 10:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/03 10:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2013/12/21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/08 22:45:42 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/10/23 04:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 11:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/18 13:42:26 | 000,689,560 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2012/08/26 15:56:14 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/20 01:00:54 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/20 01:00:52 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/20 01:00:38 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/07/20 01:00:28 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/06/18 14:32:00 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/06/18 14:31:58 | 001,333,184 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012/06/18 14:31:48 | 001,095,616 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011/03/14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2011/01/07 12:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/10 12:12:35 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2014/05/10 12:12:35 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2014/05/10 12:12:35 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2014/05/10 12:12:35 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2014/05/10 12:12:35 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2014/04/28 16:41:41 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/10/23 12:30:23 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/09/28 01:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/09/05 12:12:16 | 000,054,528 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2013/08/20 11:50:28 | 000,239,320 | ---- | M] (ESET) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/08/20 11:50:28 | 000,220,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/08/20 11:50:28 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/08/20 11:50:28 | 000,062,136 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/08/20 11:50:28 | 000,044,120 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/07/04 21:01:06 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/07/04 17:36:06 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013/07/03 12:48:15 | 006,059,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2013/05/16 11:29:20 | 000,288,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2013/03/01 17:26:40 | 001,045,248 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2013/02/11 16:58:38 | 000,469,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/02/11 16:58:36 | 000,031,984 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/10/18 04:48:32 | 000,062,840 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwusb.sys -- (BTWUSB)
DRV:64bit: - [2012/09/20 14:11:24 | 001,609,376 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2012/09/19 09:02:00 | 000,072,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwsecfl.sys -- (btwsecfl)
DRV:64bit: - [2012/08/25 16:02:44 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/18 00:49:00 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/07/18 00:49:00 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 22:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/13 13:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/05/21 15:25:30 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/21 15:25:30 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/21 15:25:30 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-825478306-3476294081-1402375209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... l&tsp=5282
IE - HKU\S-1-5-21-825478306-3476294081-1402375209-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-825478306-3476294081-1402375209-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.buenosearch.com/?q={searchTe ... l&tsp=5282
IE - HKU\S-1-5-21-825478306-3476294081-1402375209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-825478306-3476294081-1402375209-1004\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lenovo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\[ProductName]\Mozilla Thunderbird [2014/05/07 22:21:45 | 000,000,000 | ---D | M]

[2013/11/20 19:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: HÄľadaĹĄ v Google = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/05/08 07:54:52 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Plus-HD-V1.4) - {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho64.dll (Plus HD)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Plus-HD-V1.4) - {11111111-1111-1111-1111-110511831162} - C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho.dll (Plus HD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\[ProductName]\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-825478306-3476294081-1402375209-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-825478306-3476294081-1402375209-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9A47BCD-A8D2-4106-BC9F-B91263E7F02F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5841107-6E9C-42AD-91AA-A66A7B8FD3AA}: DhcpNameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5841107-6E9C-42AD-91AA-A66A7B8FD3AA}: NameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F76A226D-C571-41CA-BF06-F76CAFB54A6B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{412de788-d82a-11e3-bddd-28d2440e3727}\Shell - "" = AutoRun
O33 - MountPoints2\{412de788-d82a-11e3-bddd-28d2440e3727}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{412de797-d82a-11e3-bddd-28d2440e3727}\Shell - "" = AutoRun
O33 - MountPoints2\{412de797-d82a-11e3-bddd-28d2440e3727}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/07/12 11:12:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
[2014/07/12 10:54:54 | 000,000,000 | ---D | C] -- C:\rsit
[2014/07/12 09:02:47 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/07/01 19:16:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\carovny minecraft 1 7 2 exe plna verze
[2014/07/01 19:16:18 | 000,043,520 | --S- | C] (NirSoft) -- C:\Windows\SysWow64\nircmdc.exe
[2014/07/01 19:16:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\carovny minecraft 1 7 2 exe plna verze
[2014/06/25 18:53:57 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Documents\Euro Truck Simulator 2
[2014/06/25 18:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2014/06/25 18:52:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator 2
[2014/06/20 12:38:26 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\globalUpdate
[2014/06/20 12:38:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/06/20 12:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-V1.4
[2014/06/18 14:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DSearchLink
[2014/06/18 14:16:38 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sumotori Dreams Demo
[2014/06/18 14:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sumotori Dreams Demo
[2014/06/18 14:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gravitysensation.com
[2014/06/17 19:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minecraft server [plna verzia funkcna odskusana] pre 64bitove verzie a 32bitove funguje iba na JAVA 7 obsahuje navod ako upravit a je v php suboroch
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/07/12 11:16:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/07/12 11:12:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
[2014/07/12 11:03:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/12 10:59:20 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/12 10:59:20 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/12 10:38:00 | 000,001,412 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7.job
[2014/07/12 10:27:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/12 10:26:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/12 09:24:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/12 09:24:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/12 08:54:12 | 000,002,430 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3.job
[2014/07/12 08:54:12 | 000,001,396 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5.job
[2014/07/12 08:54:09 | 000,003,800 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11.job
[2014/07/12 08:54:07 | 000,002,186 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4.job
[2014/07/12 08:54:05 | 000,001,320 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2.job
[2014/07/12 08:54:04 | 000,001,484 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6.job
[2014/07/12 08:54:04 | 000,001,466 | ---- | M] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1.job
[2014/07/12 08:54:04 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/12 08:54:03 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/07/12 08:53:48 | 2879,639,552 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/05 16:48:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_wbf_vfs_lvcmn_01_09_00.Wdf
[2014/07/04 18:43:09 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/07/03 19:00:34 | 000,000,712 | ---- | M] () -- C:\Users\Lenovo\Desktop\Grand Theft Auto Vice City - odkaz.lnk
[2014/06/26 19:37:43 | 000,000,760 | ---- | M] () -- C:\Users\Lenovo\Desktop\GRID 2.lnk
[2014/06/23 23:17:40 | 000,009,201 | --S- | M] () -- C:\Windows\SysWow64\msulvvxd.vbe
[2014/06/22 14:00:54 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/22 14:00:54 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/22 14:00:54 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/21 17:35:06 | 000,064,820 | ---- | M] () -- C:\Users\Lenovo\Documents\unnamed.jpg
[2014/06/13 20:07:20 | 733,214,706 | ---- | M] () -- C:\Users\Lenovo\Desktop\Autá-2-Cars.avi
[2014/06/12 14:12:01 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/07/12 11:16:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/07/05 16:48:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_wbf_vfs_lvcmn_01_09_00.Wdf
[2014/07/03 19:00:34 | 000,000,712 | ---- | C] () -- C:\Users\Lenovo\Desktop\Grand Theft Auto Vice City - odkaz.lnk
[2014/07/01 19:16:53 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmncebxu.exe
[2014/07/01 19:16:53 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmncebxu.exe
[2014/07/01 19:16:52 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumncebxu.exe
[2014/07/01 19:16:24 | 000,009,201 | --S- | C] () -- C:\Windows\SysWow64\msulvvxd.vbe
[2014/06/26 19:37:43 | 000,000,760 | ---- | C] () -- C:\Users\Lenovo\Desktop\GRID 2.lnk
[2014/06/25 12:58:29 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/25 12:58:27 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/21 20:34:50 | 938,092,713 | ---- | C] () -- C:\Users\Lenovo\Desktop\Madagascar-3--Europes-Most-Wanted-2012-animovany-CZ-dabing.avi
[2014/06/21 17:35:05 | 000,064,820 | ---- | C] () -- C:\Users\Lenovo\Documents\unnamed.jpg
[2014/06/20 12:39:07 | 000,001,396 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5.job
[2014/06/20 12:38:59 | 000,001,320 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2.job
[2014/06/20 12:38:55 | 000,001,466 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1.job
[2014/06/20 12:38:53 | 000,002,186 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4.job
[2014/06/20 12:38:43 | 000,001,412 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7.job
[2014/06/20 12:38:41 | 000,001,484 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6.job
[2014/06/20 12:38:31 | 000,003,800 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11.job
[2014/06/20 12:38:31 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/06/20 12:38:29 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/06/20 12:38:26 | 000,002,430 | ---- | C] () -- C:\Windows\tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3.job
[2014/06/17 19:12:30 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumncvfvmdy.exe
[2014/06/17 19:12:30 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmncvfvmdy.exe
[2014/06/17 19:12:30 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmncvfvmdy.exe
[2014/06/13 18:43:53 | 733,214,706 | ---- | C] () -- C:\Users\Lenovo\Desktop\Autá-2-Cars.avi
[2014/03/19 19:56:51 | 000,001,074 | ---- | C] () -- C:\Users\Lenovo\rgut
[2014/03/15 20:33:38 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumncsiqa.exe
[2014/03/15 20:33:38 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmncsiqa.exe
[2014/03/15 20:33:38 | 000,192,512 | --S- | C] () -- C:\Windows\SysWow64\libidn-11.dll
[2014/03/15 20:33:38 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmncsiqa.exe
[2014/03/15 20:33:38 | 000,133,632 | --S- | C] () -- C:\Windows\SysWow64\librtmp.dll
[2014/03/15 20:33:38 | 000,100,864 | --S- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2014/03/15 20:33:37 | 000,538,126 | --S- | C] () -- C:\Windows\SysWow64\libcurl-4.dll
[2014/02/06 08:56:36 | 000,000,000 | ---- | C] () -- C:\Users\Lenovo\rgmnr
[2014/01/30 14:13:53 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/01/04 19:44:37 | 000,000,355 | ---- | C] () -- C:\Users\Lenovo\Kôš - odkaz.lnk
[2013/12/05 22:17:18 | 000,185,344 | ---- | C] () -- C:\Windows\patchw32.dll
[2013/12/05 12:29:30 | 000,000,347 | ---- | C] () -- C:\Windows\SOF2.INI
[2013/12/04 19:03:08 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2013/11/18 21:20:25 | 000,766,780 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/04 22:39:12 | 000,001,988 | ---- | C] () -- C:\Windows\vm331Rmv.ini
[2013/07/04 22:39:12 | 000,001,988 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini
[2013/07/04 16:34:42 | 000,035,727 | R--- | C] () -- C:\Windows\ConnectionProfiles.dat
[2013/07/04 15:31:13 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013/07/04 15:31:08 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/07/04 15:31:07 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2013/07/04 01:03:42 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/06/22 11:17:58 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.minecraft
[2014/03/11 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.technic
[2013/07/07 13:05:53 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Activision
[2014/05/08 10:24:06 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\DAEMON Tools Lite
[2014/05/07 22:24:43 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ESET
[2014/03/31 14:17:33 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ftblauncher
[2014/04/23 18:07:48 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\glister
[2013/07/04 16:42:20 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Lenovo
[2013/07/04 16:42:15 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\LSC
[2014/04/05 10:55:28 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\MusicNet
[2013/07/04 15:12:45 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Opera Software
[2014/03/28 20:04:50 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\skyz
[2014/06/02 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\TuxPaint
[2013/11/01 20:07:03 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Unity
[2014/07/12 09:09:06 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,500 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/05/14 21:39:42 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/06/20 12:38:26 | 000,002,430 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3.job
[2014/06/20 12:38:29 | 000,000,912 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
[2014/06/20 12:38:31 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
[2014/06/20 12:38:31 | 000,003,800 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11.job
[2014/06/20 12:38:41 | 000,001,484 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6.job
[2014/06/20 12:38:43 | 000,001,412 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7.job
[2014/06/20 12:38:53 | 000,002,186 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4.job
[2014/06/20 12:38:55 | 000,001,466 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1.job
[2014/06/20 12:38:59 | 000,001,320 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2.job
[2014/06/20 12:39:07 | 000,001,396 | ---- | C] () -- C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5.job
[2014/06/25 12:58:27 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/25 12:58:29 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010/11/21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2014/05/30 10:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\SoftwareDistribution\Download\66bc125e5a9950f4b35c08645d821906\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2013/09/25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014/04/12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2012/08/24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013/09/25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe
[2014/05/30 10:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\SoftwareDistribution\Download\66bc125e5a9950f4b35c08645d821906\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014/04/12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013/03/19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013/08/29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/07/08 04:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/05/08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/05/08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/06/22 11:17:58 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.minecraft
[2014/03/11 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.technic
[2013/07/07 13:05:53 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Activision
[2013/07/14 14:56:55 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Adobe
[2014/05/08 10:24:06 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\DAEMON Tools Lite
[2014/05/07 22:24:43 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ESET
[2014/03/31 14:17:33 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ftblauncher
[2014/04/23 18:07:48 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\glister
[2013/07/03 11:22:38 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Identities
[2013/07/03 12:48:17 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\InstallShield
[2013/07/04 15:49:35 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Intel
[2013/07/04 16:42:20 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Lenovo
[2013/07/04 16:42:15 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\LSC
[2013/07/04 16:41:29 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Macromedia
[2011/04/12 15:40:56 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Media Center Programs
[2014/03/18 16:46:19 | 000,000,000 | --SD | M] -- C:\Users\Lenovo\AppData\Roaming\Microsoft
[2014/04/05 10:55:28 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\MusicNet
[2014/01/16 21:07:18 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\NVIDIA
[2013/07/04 15:12:45 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Opera Software
[2014/07/03 21:21:26 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Skype
[2014/03/28 20:04:50 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\skyz
[2014/06/02 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\TuxPaint
[2013/11/01 20:07:03 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Unity
[2014/07/12 09:09:06 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\uTorrent
[2013/07/03 11:33:47 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014/03/05 00:57:34 | 038,629,536 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Lenovo\AppData\Roaming\LSC\Local Store\LSCSetup64.exe
[2013/07/04 16:40:09 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Installer\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}\ARPPRODUCTICON.exe
[2013/07/04 16:40:08 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Installer\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}\ARPPRODUCTICON.exe
[2014/05/07 21:49:08 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe
[2014/05/07 21:49:08 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lenovo\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/30 09:40:23 | 011,725,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/30 09:40:23 | 011,725,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/07/12 09:24:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014/07/12 09:24:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2014/07/12 10:26:59 | 000,000,070 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/07/12 11:16:54 | 000,000,512 | ---- | M] () MD5=500C8B3ABF02860CA667DAB1B7B43ACD -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014/04/22 15:28:43 | 000,067,756 | ---- | M] () -- \Users\Lenovo\AppData\Local\VirtualStore\Program Files (x86)\Counter-Strike 1.6 Standalone\cstrike\sound\misc\cracker1.wav
[2000/10/09 16:38:36 | 000,064,142 | ---- | M] () -- \Users\Lenovo\AppData\Local\VirtualStore\Program Files\Fox\Aliens versus Predator\graphics\envrnmts\Bleak\Panel Dirt Crack.RIM
[2014/03/31 14:09:50 | 000,001,062 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\ftblauncher\ModPacks\MindCrack\logo_minecrack.png
[2014/03/31 14:09:50 | 000,008,681 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\ftblauncher\ModPacks\MindCrack\mindcrack_splash.png
[2013/11/20 18:57:10 | 000,000,932 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Far Cry 3 Blood Dragon Crack-Reloaded Setup .lnk
[2008/02/28 07:48:34 | 000,004,593 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\data\stamps\household\dishes\utensils\nutcracker.png
[2009/06/29 02:39:12 | 000,001,363 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\data\stamps\household\dishes\utensils\nutcracker.txt
[2006/08/27 07:21:42 | 000,009,053 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\data\stamps\household\dishes\utensils\nutcracker_desc_ca.ogg
[2009/04/05 13:09:48 | 000,015,618 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\data\stamps\household\dishes\utensils\nutcracker_desc_el.ogg

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013/03/09 09:17:04 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013/03/09 09:17:04 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/05/28 13:02:58 | 000,000,118 | ---- | M] () -- \Program Files (x86)\GRID 2\audio\audio_loader.xml
[2013/11/08 22:45:57 | 001,168,672 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013/07/25 04:43:28 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013/07/25 04:43:30 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013/07/25 04:43:12 | 000,073,024 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013/07/25 04:43:12 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014/06/20 12:39:04 | 000,510,784 | ---- | M] () -- \Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-codedownloader.exe
[2013/03/09 09:52:18 | 000,364,168 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013/03/09 09:52:18 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/10/18 03:34:40 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{113269D1-BA80-47BF-BFBE-28E0B9A3BD9F}\ExtensionLoader.dll
[2013/11/08 22:45:57 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{D896A34D-7C13-4358-87FE-C5B0A06690F6}\ExtensionLoader.dll
[2012/06/09 19:19:37 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013/06/19 15:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/06/19 15:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/11/11 15:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 15:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/06/19 15:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/06/19 15:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/06/19 15:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/11/11 15:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 15:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/06/19 15:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014/06/17 19:06:43 | 000,030,056 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log
[2014/04/08 13:56:48 | 000,147,500 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.1
[2014/04/08 14:18:00 | 000,000,000 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.1.lck
[2014/04/09 21:25:17 | 000,138,757 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.2
[2014/04/08 14:18:00 | 000,000,000 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.2.lck
[2014/04/09 20:50:13 | 000,138,757 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.3
[2014/04/08 14:18:00 | 000,000,000 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.3.lck
[2014/06/17 19:06:18 | 000,000,000 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-0.log.lck
[2014/04/08 13:55:40 | 000,147,500 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-1.log
[2014/04/08 14:16:54 | 000,137,879 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-1.log.3
[2014/04/06 14:32:10 | 000,010,702 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\.minecraft\ForgeModLoader-client-2.log
[2011/06/14 20:44:52 | 000,003,103 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\etc\gtk-2.0\gdk-pixbuf.loaders
[2011/06/14 20:44:52 | 000,015,886 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2011/06/14 20:44:52 | 000,016,398 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2011/06/14 20:44:52 | 000,024,078 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2011/06/14 20:44:52 | 000,012,302 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2011/06/14 20:44:52 | 000,016,398 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2011/06/14 20:44:52 | 000,018,446 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2011/06/14 20:44:52 | 000,013,838 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2011/06/14 20:44:52 | 000,019,470 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2011/06/14 20:44:52 | 000,016,398 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2011/06/14 20:44:52 | 000,012,302 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-qtif.dll
[2011/06/14 20:44:52 | 000,011,790 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2011/06/14 20:44:52 | 000,015,886 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2011/06/14 20:44:52 | 000,016,398 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2011/06/14 20:44:52 | 000,011,278 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2011/06/14 20:44:52 | 000,013,326 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2011/06/14 20:44:52 | 000,028,174 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2011/06/14 20:44:52 | 000,010,254 | ---- | M] () -- \Users\Lenovo\Programs\TuxPaint\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010/03/24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014/07/04 18:38:00 | 000,020,316 | ---- | M] () -- \Windows\Prefetch\PLUS-HD-V1.4-CODEDOWNLOADER.E-1655DA7A.pf
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/04/12 15:30:21 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2011/04/12 15:30:21 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2011/04/12 15:30:21 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2011/04/12 15:30:21 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2011/04/12 15:30:21 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013/07/04 01:28:01 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013/07/04 01:28:01 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013/07/04 01:28:01 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013/07/04 01:28:01 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013/07/04 01:28:01 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/04/12 15:29:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]
[2013/11/30 20:13:04 | 000,000,715 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini

< *activator* /s >

< *serial* /s >
[2014/02/13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014/03/19 19:24:48 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/02/14 00:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014/03/19 19:25:52 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/10/26 18:40:55 | 003,425,792 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013/08/16 20:10:42 | 000,376,832 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/07/18 20:33:45 | 000,010,240 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2013/11/18 22:11:07 | 000,122,264 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/11/18 22:11:05 | 001,039,040 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/11/18 22:11:11 | 000,011,120 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/02/13 11:35:23 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/15 11:16:54 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014/02/13 11:31:13 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/14 21:02:58 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014/03/09 10:23:33 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/03/09 10:23:33 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/03/09 10:24:00 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014/03/09 10:24:00 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014/03/09 10:49:18 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014/03/09 10:49:18 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014/03/09 10:52:09 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/03/09 10:52:09 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/03/09 11:00:20 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014/03/09 11:00:20 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014/03/09 11:03:06 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014/03/09 11:03:06 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2011/04/12 15:29:55 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/04/12 15:29:55 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2011/04/12 15:29:54 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/04/12 15:30:00 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013/07/04 01:28:01 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013/07/04 01:28:01 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/04/12 15:30:21 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/04/12 15:30:21 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/04/12 15:29:30 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/04/12 15:29:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

OTL Extras logfile created on: 12. 7. 2014 11:15:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lenovo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,58 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 42,55% Memory free
7,15 Gb Paging File | 4,82 Gb Available in Paging File | 67,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,42 Gb Total Space | 374,99 Gb Free Space | 80,57% Space Free | Partition Type: NTFS

Computer Name: LENOVO-PC | User Name: Lenovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-825478306-3476294081-1402375209-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E941B82-DE60-43C1-ACF7-7E2B88243BF0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{131C6D03-A33B-4CAB-A7E3-5E0E344D6EB0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{203F518F-06CA-431E-AD18-7F52CD168E4C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{21403DB7-E9E1-41FB-B526-9ACBA217E401}" = lport=139 | protocol=6 | dir=in | app=system |
"{26545472-3548-4F07-918C-2A310D22E351}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{34C9A6B0-846C-4873-8F21-5FE663F699F4}" = rport=139 | protocol=6 | dir=out | app=system |
"{3C3E9ECB-1CF2-44FF-A6B7-2C9F4F7A316D}" = rport=138 | protocol=17 | dir=out | app=system |
"{3EBAA25C-725E-491B-A343-270131828889}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4009DAC0-7192-4BC7-8DF3-1C5272975DBF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{43A87A0E-1366-4F86-8380-375B76E8F285}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{4477A004-0538-4365-9A0D-0DC8FD1E640A}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{4F71F576-9E25-46A5-876A-36C2C474E6CE}" = lport=137 | protocol=17 | dir=in | app=system |
"{5D806919-655E-4C23-8162-BD9FEA510B91}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{622321FD-D399-4C28-A54F-B3D6CCCB3976}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{64113879-B337-4BAA-B069-411AD7FD3F48}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{65BB057C-B495-4BB0-B7A0-BE3B049BC7F2}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{6E4AE286-866A-4160-8E20-207557DA019E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{760AF40C-9079-4AEF-ACD1-58908755399D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7D9E5A76-013D-4771-AF43-12EF36048FF6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8202FA3D-050D-49E6-83BF-32667F27AA3C}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{88DE3B62-53DE-4F01-A632-E742B0DDC7A7}" = rport=137 | protocol=17 | dir=out | app=system |
"{8B9D2BF1-076E-4BD9-9E4F-5C94AE1AFDC9}" = lport=445 | protocol=6 | dir=in | app=system |
"{904A9A6C-735B-49B1-A977-2270403AA2F7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{91E58EF2-EC9D-481F-8064-DAA504678B5F}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{945B2419-9F7B-41C2-978A-18D417239C8A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{96F0B203-3FBB-479A-8535-7D4AB9CF71DF}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{970F10E6-7674-4701-A3E3-2553A2943BD9}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{9C08366D-DBB6-4A5C-BA30-16C8323073F9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A13F6EBC-F3D2-4E2A-B796-CEB816C4B6A2}" = lport=138 | protocol=17 | dir=in | app=system |
"{A1F345B2-C48F-46B9-A7CA-8B9521A210CC}" = rport=445 | protocol=6 | dir=out | app=system |
"{AC19A430-24E3-4F30-96A3-0AA847A25863}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{B494ACEA-44BD-41C9-ADDC-DA8BAE02ED2F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B7054993-1479-4C8C-8153-455FD708BBE1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C49409F4-9C63-4894-B6B9-2C180D4D51E6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CB4DEFB5-C965-41C7-A899-DC82C21D216C}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D0B18D2E-0838-44B8-B21E-B9F70BEEE99B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E2E728ED-6FCE-4B1B-81C7-CF66A54AFF47}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{EB21240C-E235-45D2-BCCC-9B6CD842A64B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EEE2B346-D07C-4EE3-AD5B-239289EF534B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{EF2146BE-E4EF-4083-8A25-07C2A4ACE45F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F6B665C2-BA49-4E7B-933C-3854B653EE6A}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{F74A616B-2847-465B-8C58-6AFF538C9D65}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0281EFF8-C321-409A-B22F-F23FE34538D4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{02F6E9B4-4D85-4ACF-B227-866B138BAC2D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{162C92ED-B1EC-48E4-ACA9-05BB7D3999FF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1821F216-C929-43AB-838A-BA7621580D7F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1CEEFAA2-8FC3-4FEB-8E3D-3DCDB77A1E78}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{27F4D2BC-8292-4139-8ED8-709A96AB2026}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{30F18A4D-0733-469D-9E72-DDE61476B907}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{40D13CF8-F3A3-4FDF-9FB8-DE490EF24B25}" = protocol=6 | dir=in | app=c:\users\lenovo\appdata\roaming\utorrent\utorrent.exe |
"{4C57F21D-F898-49BD-A15A-10EC895439D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4D353F40-D820-44C1-BFB1-4089FE263C45}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\x-men origins - wolverine(tm)\binaries\wolverine.exe |
"{63BF8AC4-186D-4876-AC71-897579C296D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64F6CFFC-13DB-429D-8A8E-0095F52DE3EA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{66A51A00-90EE-42AE-8606-B50C3B0E2A08}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{689DBCF0-9766-4B0C-8FFC-6C0F2744BC73}" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{693C3EF7-256F-40BF-91FD-049856898E39}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{75148C28-586B-4C13-868B-49E0639C51B6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{7F6685E3-0D5C-4F27-8538-CEAFB7765943}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{80AA8A13-F4C2-4ABD-BADE-06383CF00599}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{83FE65C5-793D-4689-9F6C-6340EB5C3139}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{862BB6E6-FAAE-407C-B8F4-70F627F6E6E6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{88FCFEB5-260A-4802-88A6-9583A5DCADE6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8F702FCA-FCB2-4AAE-8098-7ADDE64FBD2D}" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{9A2AE5BA-70A4-41B6-901E-0992BCD6A19B}" = protocol=17 | dir=in | app=c:\users\lenovo\appdata\roaming\utorrent\utorrent.exe |
"{9B274BED-5B9C-467D-873A-EBF4582AF648}" = protocol=6 | dir=out | app=system |
"{AF5C34D7-4275-48EA-B602-4361B2CC919F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B9CACACA-51EB-4472-90D8-E3DADD9AF6C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C37D877B-F606-4410-9A6C-7235D8444A34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D021AF69-2189-40B0-B25F-5D35927A28F7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DE3AF3CE-0DD5-49DD-9914-3C8411E45854}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\x-men origins - wolverine(tm)\binaries\wolverine.exe |
"{EE3CF307-80A8-4983-A15A-E22FE71F6C7B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F89D6B45-77C3-4CA5-B6CA-C0270760C258}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{4A14DD4A-906A-4B04-A80C-6C589CDBE253}" = ESET Smart Security
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90F00673-A276-4A58-B675-B426D39D1E09}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A10B1524-63B5-40F2-B272-D841CF671C16}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}" = Lenovo Patch Utility 64 bit
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{ECE5B218-A086-4E18-A362-D11181681457}" = Intel® PROSet/Wireless WiFi Software
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OnScreenDisplay" = On Screen Display
"Power Management Driver" = Lenovo Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{123B30B8-99C6-4C48-9E5E-910EEB72E6D3}_is1" = Minecraft version 1.7.2
"{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}" = Level Quality Watcher
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1EEE876F-7DE7-CBA9-43D1-8C0A0E9ECC47}_is1" = Minecraft 1.5.2 plna hra version for Windows
"{21D4F3BB-C27F-C0B8-D59E-F964BD04F894}_is1" = GTA - San Andreas (Multiplayer) version for Windows
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{4202BACB-9648-8FE7-7FEB-E53929EF955D}_is1" = arovn Minecraft 1.5.2 version for Windows
"{49C7C0B7-8887-3D2A-E2D2-C327DC57518B}_is1" = Minecraft 1.7.2 warez Launcher version for Windows
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52AC37AD-2435-4BD8-A28A-5AF1306EF69B}" = Transformers(TM) - Le Jeu Demo
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty(R) 4 - Modern Warfare(TM) Demo
"{6B9DBFD4-55F6-9997-73B1-880AFBBDF3CD}_is1" = Minecraft server [plna verzia funkcna odskusana] pre 64bitove verzie a 32bitove funguje iba na JAVA 7 obsahuje navod ako upravit a je v php suboroch version for Windows
"{6F1EC187-3C90-4CC5-A567-ADC4DC31CD61}" = The Spider-Man 2 Demo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7F0B94C6-828C-4EDE-A86B-ECF4D792B68D}" = Activision(R)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{AD32F5E9-6BDD-480A-8B7B-95571D04691C}" = Lenovo Patch Utility
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Integrated Camera
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B48F89D1-9C21-40EB-3556-7ED354119A2E}_is1" = carovny minecraft 1 7 2 exe plna verze version for Windows
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{C39B5C1D-622F-99DC-CD49-545FEA77135B}_is1" = Minecraft 1.4.7 version for Windows
"{CE7648A8-B699-74AB-BFD4- 55F93045D0E}_is1" = MINECRAFT 1 7 2 plna hra zdarma version for Windows
"{E1F6D17C-5DDB-A69B-1264-153C20E92B7F}_is1" = minecraft 1 5 2 exe plna hra version for Windows
"{E2050D42-1401-D33F-98D4-1EF71A02FA63}_is1" = Minecraft 1.7.4 version for Windows
"{EA9640BE-414E-4195-B53B-7905BF1A5A09}" = Mobile Broadband Drivers
"{EC41B3C8-B21E-E88D-8148-558BF6DFC053}_is1" = Minecraft 1.6.2. pojde vam to 100% pls verte my version for Windows
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.355
"{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}" = Realtek Card Reader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F407FDB5-8B7D-DEB2-C4F9-9E5AD38BB175}_is1" = Subway Surfers PC version for Windows
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Call of Duty Dawnville Demo" = Call of Duty Dawnville Demo
"DAEMON Tools Lite" = DAEMON Tools Lite
"Doom 3 (TM) Demo" = Doom 3 (TM) Demo
"Google Chrome" = Google Chrome
"GTA:Vice City_SK" = GTA:Vice City_SK
"Hitman 2: Silent Assassin" = Hitman 2: Silent Assassin
"IL-2 Sturmovik Demo" = IL-2 Sturmovik Demo
"InstallConverter" = InstallConverter
"InstallShield_{52AC37AD-2435-4BD8-A28A-5AF1306EF69B}" = Transformers(TM) - Le Jeu Demo
"InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty(R) 4 - Modern Warfare(TM) Demo
"InstallShield_{6F1EC187-3C90-4CC5-A567-ADC4DC31CD61}" = The Spider-Man 2 Demo
"InstallShield_{7F0B94C6-828C-4EDE-A86B-ECF4D792B68D}" = X-Men Origins - Wolverine(TM)
"MINECRAFT 1.5.2 FULL 1.00" = MINECRAFT 1.5.2 FULL 1.00
"Mobile Partner" = Mobile Partner
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 21.0.1432.57" = Opera Stable 21.0.1432.57
"Plus-HD-V1.4" = Plus-HD-V1.4
"R1JJRDI=_is1" = GRID 2 (c) Codemasters version 1
"Soldier of Fortune II - SP Demo " = Soldier of Fortune II - SP Demo
"Sumotori Dreams" = Sumotori Dreams
"Traktor 3_is1" = Traktor 3
"Tux Paint Stamps_is1" = Tux Paint Stamps 2009-06-28
"Tux Paint_is1" = Tux Paint 0.9.21c
"Vietcong singleplayer demo" = Vietcong singleplayer demo
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-825478306-3476294081-1402375209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2. 2. 2014 4:37:02 | Computer Name = Lenovo-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 2. 2. 2014 4:37:02 | Computer Name = Lenovo-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 2. 2. 2014 4:39:24 | Computer Name = Lenovo-PC | Source = WinMgmt | ID = 10
Description =

Error - 2. 2. 2014 4:40:06 | Computer Name = Lenovo-PC | Source = Iminent | ID = 0
Description =

Error - 3. 2. 2014 5:07:23 | Computer Name = Lenovo-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 3. 2. 2014 5:07:23 | Computer Name = Lenovo-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 3. 2. 2014 5:09:54 | Computer Name = Lenovo-PC | Source = WinMgmt | ID = 10
Description =

Error - 3. 2. 2014 5:09:57 | Computer Name = Lenovo-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: ZeroConfigService.exe, verzia: 15.3.0.0,
časová značka: 0x5036b2a4 Názov chybového modulu: MurocApi.dll, verzia: 15.3.0.0,
časová značka: 0x5036b1ea Kód výnimky: 0xc0000005 Odstup chyby: 0x0000000000020b2b
Identifikácia
chybného procesu: 0x146c Čas spustenia chybnej aplikácie: 0x01cf20bf9f9e57cf Cesta
chybnej aplikácie: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta chybného
modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll Identifikácia hlásenia: f36f4cf8-8cb2-11e3-b3ec-28d2440e3727

Error - 3. 2. 2014 5:15:34 | Computer Name = Lenovo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 3. 2. 2014 5:15:34 | Computer Name = Lenovo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ Lenovo-Message Center Plus/Admin Events ]
Error - 13. 4. 2014 7:41:24 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 13. 4. 2014 7:41:24 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 13. 4. 2014 7:41:24 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 14. 4. 2014 7:20:47 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 14. 4. 2014 7:20:50 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 14. 4. 2014 7:20:52 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 22. 4. 2014 7:19:11 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 22. 4. 2014 7:19:11 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 22. 4. 2014 7:19:12 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Žiadny takýto hostiteľ nie je známy -> Exception message:
Žiadny takýto hostiteľ nie je známy

Error - 27. 4. 2014 14:39:22 | Computer Name = Lenovo-PC | Source = Lenovo-Message Center Plus/Admin | ID = 4
Description = The file C:\ProgramData\Lenovo\MessageCenterPlus\ServerRepository\temp\TOC.cab
does not have a Lenovo Digital Signature. The file will be deleted

[ System Events ]
Error - 28. 12. 2013 2:42:39 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Datamngr Coordinator zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 28. 12. 2013 2:43:44 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7006
Description = Volanie ScRegSetValueExW zlyhalo pre FailureActions s nasledujúcou
chybou: %%5

Error - 28. 12. 2013 2:43:57 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Update GreyGray bol dosiahnutý
časový limit (30000 ms).

Error - 28. 12. 2013 2:43:57 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Update GreyGray zlyhalo kvôli nasledujúcej chybe:
%%1053

Error - 28. 12. 2013 2:44:27 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby Util GreyGray bol dosiahnutý časový
limit (30000 ms).

Error - 28. 12. 2013 2:44:27 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Util GreyGray zlyhalo kvôli nasledujúcej chybe: %%1053

Error - 28. 12. 2013 2:44:57 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7009
Description = Počas čakania na pripojenie služby ValBioService bol dosiahnutý časový
limit (30000 ms).

Error - 28. 12. 2013 2:44:57 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby ValBioService zlyhalo kvôli nasledujúcej chybe: %%1053

Error - 28. 12. 2013 2:45:11 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7034
Description = Služba Conexant Audio Message Service sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1-krát.

Error - 28. 12. 2013 2:52:26 | Computer Name = Lenovo-PC | Source = Service Control Manager | ID = 7006
Description = Volanie ScRegSetValueExW zlyhalo pre FailureActions s nasledujúcou
chybou: %%5

< End of report >

Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12. 7. 2014
Scan Time: 12:24:55
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.12.01
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Lenovo

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 442713
Time Elapsed: 58 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.exe, 2240, , [a7fadfbfdd9ee2541990fc8502ff8080]

Modules: 1
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.dll, , [861ba1fd4734ca6c99f04e5810f2bc44],

Registry Keys: 66
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511831162}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110511831162}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544834462}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555835562}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566836662}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555835562}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566836662}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544834462}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.BHO.1, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511831162}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511831162}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.BHO, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.BHO, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.BHO.1, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220522832262}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.Sandbox.1, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.Sandbox, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.Sandbox, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.Sandbox.1, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522832262}, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511831162}\INPROCSERVER32, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.Babylon.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [b7eabae4daa19f97ab363e128b7757a9],
PUP.Optional.BuenoSearch.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{828DC97A-2277-4E10-92A9-4907FA0922A9}, , [633edcc2552695a1a966a7e621e1c040],
PUP.Optional.BuenoSearch.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}, , [c3de346a8eed1620ef1f2c617c862bd5],
Trojan.Agent.CK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1EEE876F-7DE7-CBA9-43D1-8C0A0E9ECC47}_is1, , [d1d0821cabd07cbab360080306fee41c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, , [b4ed5b435724b185affd8c473bc7ab55],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerV1alpha434, , [aef3732bc3b851e5adb10ecf788a38c8],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewerV1alpha620, , [3a67524cd8a35cda60625088d1317a86],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewV1alpha3973, , [9a07d8c6cbb02214eb2adcfc4db5ba46],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewV1alpha5731, , [39683767ed8e37ffd83ddafe669cda26],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home567, , [5d446539dba09f97d87335db9b6955ab],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-V1.4, , [8918712d95e60d294385e9e6c53d3ec2],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\Torntv V6.0, , [c8d9dbc31665c27495637a6747bbd828],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [524ff2acf48776c0b58d229605fd0bf5],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\19979, , [40617e2052295fd77e2e765db94958a8],
PUP.Optional.Adpeak, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}, , [930eabf38cef39fd542137c947bd6a96],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-V1.4, , [673a138be2993600aa1668678e7452ae],
PUP.Optional.Adpeak, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, , [5e43108e601b5ed8b7f532aed1311be5],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Allin1Convert_8h, , [dbc6aaf41665e452c084110047bde61a],
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ilividmoviestoolbarha, , [e2bf0b93e09b46f0578b8a56cd356c94],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI Plugin, , [e8b9a5f9a3d8df575e0e3ca4fe0438c8],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI.org, , [326f019d69120630db92746c000239c7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [9c059b03b0cb60d6700f937741c359a7],
PUP.Optional.LevelQualityWatcher.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Level Quality Watcher, , [871ac4da6e0d39fd1b3b438fe9196799],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-V1.4, , [fea39509a7d448ee7050e2ede81a3ec2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, , [722f0896691296a004a9963dea185ba5],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, , [168ba7f70f6c5adc73e4567d2bd754ac],
PUP.Optional.Softonic.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [e9b8801e4a315adc3ace3a95fb075ea2],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI Plugin, , [bee3ebb3daa18ea8a0cc3aa634ce53ad],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI.org, , [7e233c62b6c52016600dae3227db9a66],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, , [cbd6c9d5cfac53e3bd25c9fbe71bbb45],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Plus-HD-V1.4, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [148d1f7f4437e0562098e3d4966ce51b],

Registry Values: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [524ff2acf48776c0b58d229605fd0bf5]
PUP.Optional.Adpeak, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}|DisplayName, Level Quality Watcher, , [930eabf38cef39fd542137c947bd6a96]

Registry Data: 1
Hijack.StartPage, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.buenosearch.com/?babsrc=HP_s ... l&tsp=5282, Good: (www.google.com), Bad: (http://www.buenosearch.com/?babsrc=HP_s ... l&tsp=5282),,[b5ecd6c876053402c0355943db2960a0]

Folders: 10
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra, , [d1d0821cabd07cbab360080306fee41c],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\bitstreams, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{F332660A-E2F7-465F-A4C2-C20239895E94}, , [148d1f7f4437e0562098e3d4966ce51b],

Files: 96
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.exe, , [a7fadfbfdd9ee2541990fc8502ff8080],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho64.dll, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho.dll, , [dfc21e805a21f5417e2b0d74926f659b],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-11.exe, , [bbe6ecb288f39d992881374aa25fa15f],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-2.exe, , [554c59450f6c8aac9e0bff822bd634cc],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-3.exe, , [f0b1d9c590eb77bfb4f5a6dba16052ae],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-4.exe, , [b0f1e1bd5b2089ada0092e5340c1cf31],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b-5.exe, , [9b06abf3fa812511c8e17b068e73b34d],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bg.exe, , [623f4c52b5c6be78aaff7c051be6ab55],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-codedownloader.exe, , [3d64d3cbff7cc37309a01071f50c3bc5],
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-novainstaller.exe, , [069b425c502b1323dbcef58c36cb45bb],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Plus-HD-V1.4\utils.exe, , [4061207e7a01ca6c09f1201fab5544bc],
PUP.Optional.Installrex, C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\File System\003\t\00\00000000, , [752cd3cbb7c42a0cf67a175dc73ab848],
PUP.Optional.CodecPerformer.A, C:\Users\Lenovo\Downloads\CodecPerformerSetup.exe, , [7e2386186a112f075cfe6b09ed1419e7],
PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, , [6938f3ab502b7cbab5a2bba008fcf40c],
BitcoinMiner, C:\System Volume Information\SystemRestore\FRStaging\Windows\inf\msabpxdni\msabpxdni.exe, , [b2ef18867209191d52b5e024936ef709],
BitcoinMiner, C:\System Volume Information\SystemRestore\FRStaging\Windows\inf\msgabtgfk\msgabtgfk.exe, , [138e514da8d3b68036d1bd47f60ba35d],
Trojan.BitMiner, C:\Windows\inf\mnchlfwgb\mnchlfwgb.exe, , [524f643aa3d87db9241c3d737b861ae6],
BitcoinMiner, C:\Windows\inf\msgabtgfk\msgabtgfk.exe, , [4b560e9012690135a2650df759a8fb05],
BitcoinMiner, C:\Windows\inf\msruiomt\msruiomt.exe, , [f3ae6d31651665d1ae59b15340c19967],
BitcoinMiner, C:\Windows\inf\mssbsgwp\mssbsgwp.exe, , [faa7811d0873b086bf48e12340c14cb4],
PUP.Optional.Bitcoin, C:\Windows\inf\msut\acumsut.exe, , [f3ae306ec8b3b1859aa83f60659c17e9],
Trojan.BitMiner, C:\Windows\inf\msut\dcgmsut.exe, , [f9a84d519be0fb3b241c09a7eb1634cc],
PUP.BitCoinMiner, C:\Windows\inf\msut\lcpmsut.exe, , [5b46bfdfb5c63ef833d0001550b18f71],
BitcoinMiner, C:\Windows\inf\mswwrfy\mswwrfy.exe, , [960b831b601b2a0cb84fec187a87966a],
BitcoinMiner, C:\Windows\inf\msyjeupt\msyjeupt.exe, , [f7aac6d81b602b0b55b20ef607fa4ab6],
PUP.Optional.Adpeak, C:\Windows\Installer\9b2b89.msi, , [d8c9841ac6b5f145877010172ed646ba],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncebxu.exe, , [356c4d516c0f56e0ad955a45c93820e0],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncsiqa.exe, , [dfc2e4baa7d40c2a1230e2bd9968b54b],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncvfvmdy.exe, , [b7ea06986417e1551c269c03709136ca],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncebxu.exe, , [bee3702ecdae0630e060d4dcbf42dd23],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncsiqa.exe, , [6839c2dc7ffcd75f81bfecc44db429d7],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncvfvmdy.exe, , [3c65603e7605ba7c9aa60da323de8d73],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncebxu.exe, , [fda4346a25567eb891726baa926f5da3],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncsiqa.exe, , [5051396548331f17a26134e1c938d32d],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncvfvmdy.exe, , [663b7a242457f83e63a056bfc23f619f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1, , [158cf9a5e893b77f1924c2f67a888878],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11, , [a1001f7f8af1e94d8fae2c8c33cf04fc],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2, , [6140405ecbb064d24eef694f51b1a65a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3, , [acf54658b4c7be78b687c7f104fee31d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4, , [3968fba3572493a3f9446157788a26da],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5, , [1c85d4cab4c7b4824eef6058dd257987],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6, , [fba6534b621993a3ab921e9a03ff9b65],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7, , [4f52c3dbb9c287afdb62dfd96c96d729],
PUP.Optional.Superfish.A, C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [1190930bb0cb69cd8558a81fcb375da3],
PUP.Optional.Superfish.A, C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [326f1886611aa393f9e407c035cdc53b],
Trojan.Script, C:\Windows\SysWOW64\msulvvxd.vbe, , [cfd2bce27a0164d2c0f428b855ad926e],
Malware.Trace, C:\Windows\inf\ntvdm.inf, , [574a9a0498e3a98d3021cf28a55ed927],
PUP.Optional.Kango.A, C:\ProgramData\Microsoft\Windows\DRM\Server\notificatoin_1.0.0.crx, , [2b769c0232493ff76abdbf471be955ab],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra\unins000.dat, , [d1d0821cabd07cbab360080306fee41c],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra\unins000.exe, , [d1d0821cabd07cbab360080306fee41c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1.job, , [faa7f6a8ef8c3303da22d73fe2228080],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11.job, , [059ce9b55229a195f10b1006867ea25e],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2.job, , [3968fda185f60036609c5eb8df2502fe],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3.job, , [0a97207ef18a61d53bc18d894bb943bd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4.job, , [b5ec9c02d0abc6707686809657ad40c0],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5.job, , [99085e40bebd2016e81438dea1630af6],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6.job, , [6e33bee099e2b87eaa52c5518b790bf5],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7.job, , [bbe66e306714082ebf3d22f402023bc5],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [2e73910dcab1ab8bba58fd1a31d37987],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [6b36fda1166570c6868d4dca4aba4fb1],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [c2df524c04777bbbac686cab41c36e92],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [d0d12e70304b9e98ef2648cfee16a35d],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\diablo130302.cl, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\diakgcn121016.cl, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libcurl-4.dll, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libeay32.dll, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libidn-11.dll, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\librtmp.dll, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libssh2.dll, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\phatk121016.cl, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\poclbm130302.cl, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\scrypt130511.cl, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\ssleay32.dll, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\zlib1.dll, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [edb4c1dd1f5cf73f35a5ced1c83abf41],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\1293297481.mxaddon, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\360-58362.crx, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\58362.crx, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\58362.xpi, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b.crx, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\background.html, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\bgNova.html, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-nova.dll, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4.ico, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Uninstall.exe, , [861ba1fd4734ca6c99f04e5810f2bc44],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [148d1f7f4437e0562098e3d4966ce51b],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [148d1f7f4437e0562098e3d4966ce51b],

Physical Sectors: 0
(No malicious items detected)

(end)

Windows registrovany na firmu MobiCom

jacho6380 píše:Windows registrovany na firmu MobiCom

Takze se jedna o firemni pc?

Jinak krasna sbirka

Aj notebook aj Win je na firmu ale pouziva ho syn a tak to aj vyzera....

Pokud ale notas patri firme, pravidla fora mi nedovoluji pokracovat.

http://forum.viry.cz/viewtopic.php?f=12&t=5601

6. Fórum viry.cz se nezabývá odvirováním firemních PC - na toto jsou ve firmách placení (a někdy až hodně nadstandardně) IT technici, případně si je firma může najmout. My jsme tu zdarma a ve svém volném čase, nehodláme dělat práci za někoho jiného, kdo si pak jen slízne smetánku a plat. Taktéž ani neposkytujeme poradenství v oblasti zabezpečení firemních sítí či nastavení firemních sítí. Zkrátka a jednoduše, naše fórum poskytuje podporu pouze domácím uživatelům.

Nejde ani tak o cas, ale muzou tam byt firemni data a kdyz se neco nepovede, muze byt problem. Nehlede na to, ze tyto stroje byvaji casto sledovane nejakym programem, ktere muzou nami pouzite programy odstrelit = dalsi pruser.

Zle ste ma pochopili, notebook som kupoval vyhradne domov synovi na moju firmu (vysiel lacnejsie) a nakolko som mal este volnu licenciu na windows tak som ju tiez pouzil, on tam nic nema len tie kravinky nainstalovane

Dobra tedy. Cili vsechny nalezy MBAM nechte odstranit (do karanteny). Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15. 7. 2014
Scan Time: 14:56:56
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.12.02
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Lenovo

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 443688
Time Elapsed: 58 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 64
PUP.Optional.Babylon.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [752dcdd1dc9f0e28c8184808a65c629e],
PUP.Optional.BuenoSearch.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{828DC97A-2277-4E10-92A9-4907FA0922A9}, , [b7eb2876cdae0b2bdb33553815edc43c],
PUP.Optional.BuenoSearch.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}, , [ffa3b5e9314a83b37895117c669cc23e],
Trojan.Agent.CK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1EEE876F-7DE7-CBA9-43D1-8C0A0E9ECC47}_is1, , [5c46bae4bbc0af87b161f3187a8a867a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.BHO, , [30720a940e6d77bf5aa87e79699aa25e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.BHO.1, , [7b275747c2b9e353778b9f583dc655ab],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.Sandbox, , [069cfda17506fe3828dab14614ef50b0],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0058362.Sandbox.1, , [79296c3246359e9841c117e0679cf30d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, , [6d3595097b00c2744b6023b0956d7a86],
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerV1alpha434, , [8220cdd1611ab2842d301fbeb44ef50b],
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewerV1alpha620, , [b3ef217d79023afc58693a9e2cd67987],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewV1alpha3973, , [7a28aef087f44fe7ff152bad10f229d7],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewV1alpha5731, , [a0021b83ee8db97d61b3c117ca387c84],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home567, , [eab8a8f61c5f5adc7eccce42758f58a8],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-V1.4, , [cbd7415d86f5e94d19ae21ae20e26b95],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\Torntv V6.0, , [069c5f3f88f39d99a84f80612bd76d93],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.BHO, , [ecb6732bd8a32c0a44be1cdbe71cf60a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.BHO.1, , [5b47ced00972eb4ba9590aedfb08ab55],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.Sandbox, , [61417d215a216acc4fb3fff81ce7ec14],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0058362.Sandbox.1, , [d8caf1ad2556330360a23bbc0df631cf],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [50524a5406752b0ba79aebcd20e205fb],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\19979, , [732f5c429fdc84b27b30efe4ce349070],
PUP.Optional.Adpeak, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}, , [2f731a84abd0a591dd978f7115efbe42],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-V1.4, , [267c108e1566ab8b7b44c8076d95e917],
PUP.Optional.Adpeak, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, , [0c96603e126973c32388806020e29e62],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Allin1Convert_8h, , [c9d96737512a41f5a0a349c8fd078b75],
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ilividmoviestoolbarha, , [c4de148a57245cda50910dd337cb5ba5],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI Plugin, , [d9c9c5d9d6a5a98d0f5c26ba62a0db25],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI.org, , [d2d0316dd5a6f244c0ac548c42c06799],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [efb38816710afd39314da3672bd9a759],
PUP.Optional.LevelQualityWatcher.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Level Quality Watcher, , [6c369707b2c9f244c98ccf0325ddd927],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-V1.4, , [5250e1bd5d1ef73fe9d6557a0ff356aa],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, , [0b971d815e1d5adc5b51676c8f7331cf],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, , [4e542a7497e4d165e274e1f2e022ab55],
PUP.Optional.Softonic.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [f6ace6b8f3882511689fb61946bc3dc3],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI Plugin, , [9e045846d8a3a690442702ded42ee020],
PUP.Optional.Ividi.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\iVIDI.org, , [e6bcb6e82952f83e442811cf4cb67987],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-825478306-3476294081-1402375209-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, , [bbe7ecb232491a1c618004c08e743ec2],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110511831162}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544834462}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555835562}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566836662}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555835562}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566836662}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544834462}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511831162}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511831162}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511831162}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522832262}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220522832262}, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511831162}\INPROCSERVER32, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Plus-HD-V1.4, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [5b47623c394255e1eec9892e54aeba46],

Registry Values: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [50524a5406752b0ba79aebcd20e205fb]
PUP.Optional.Adpeak, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}|DisplayName, Level Quality Watcher, , [2f731a84abd0a591dd978f7115efbe42]

Registry Data: 1
Hijack.StartPage, HKU\S-1-5-21-825478306-3476294081-1402375209-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.buenosearch.com/?babsrc=HP_s ... l&tsp=5282, Good: (www.google.com), Bad: (http://www.buenosearch.com/?babsrc=HP_s ... l&tsp=5282),,[a9f9e7b73b407bbbda1a693353b18977]

Folders: 10
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra, , [5c46bae4bbc0af87b161f3187a8a867a],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\bitstreams, , [485a148a57248aac15c4dbc4b34f7c84],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{F332660A-E2F7-465F-A4C2-C20239895E94}, , [5b47623c394255e1eec9892e54aeba46],

Files: 84
PUP.Optional.HDPlus.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bg.exe, , [f5ad2a742952f1453f6a5d24728fd22e],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Plus-HD-V1.4\utils.exe, , [a9f91886b3c8a59106f44bf41be5ef11],
PUP.Optional.Installrex, C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\File System\003\t\00\00000000, , [188a8c1282f9db5bb1bf6113d42d8080],
PUP.Optional.CodecPerformer.A, C:\Users\Lenovo\Downloads\CodecPerformerSetup.exe, , [f4ae9fff6417c96d3228f77d679a0cf4],
PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, , [dbc7495582f9142273e395c6b351f808],
BitcoinMiner, C:\System Volume Information\SystemRestore\FRStaging\Windows\inf\msabpxdni\msabpxdni.exe, , [5e44b9e5accf280e31d6b450659c2bd5],
BitcoinMiner, C:\System Volume Information\SystemRestore\FRStaging\Windows\inf\msgabtgfk\msgabtgfk.exe, , [d6cc019dbdbe5cdad532a064a55c5ba5],
Trojan.BitMiner, C:\Windows\inf\mnchlfwgb\mnchlfwgb.exe, , [2f733f5f48339b9b43fc991717ea8a76],
BitcoinMiner, C:\Windows\inf\msgabtgfk\msgabtgfk.exe, , [257d6b332655c373c740fe06808135cb],
BitcoinMiner, C:\Windows\inf\msruiomt\msruiomt.exe, , [3c663866a3d891a58681699be41da957],
BitcoinMiner, C:\Windows\inf\mssbsgwp\mssbsgwp.exe, , [4a58d1cd24578fa7f90e9371c23ffa06],
PUP.Optional.Bitcoin, C:\Windows\inf\msut\acumsut.exe, , [752d643acead8fa7370a752a6e93e41c],
Trojan.BitMiner, C:\Windows\inf\msut\dcgmsut.exe, , [188a425c562589adef50e6ca68996b95],
PUP.BitCoinMiner, C:\Windows\inf\msut\lcpmsut.exe, , [dac8029c8cefec4afc07c94ceb16817f],
BitcoinMiner, C:\Windows\inf\mswwrfy\mswwrfy.exe, , [fea42b733c3fa690bf48ef159c65ac54],
BitcoinMiner, C:\Windows\inf\msyjeupt\msyjeupt.exe, , [e6bc108e90eb5ed83bcc9470c23f9070],
PUP.Optional.Adpeak, C:\Windows\Installer\9b2b89.msi, , [346e06982853b77fd4227bacac589c64],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncebxu.exe, , [12902d7195e6dc5a1b26396621e0cc34],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncsiqa.exe, , [22804757b5c68bab64dd6738e61b936d],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncvfvmdy.exe, , [cbd7514d90eb7db9370a7b248a77629e],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncebxu.exe, , [c6dc0f8f84f7ec4a0c33911fe918ca36],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncsiqa.exe, , [bce6702e8eed89adc37cedc3fe039d63],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncvfvmdy.exe, , [a8fa5d410477f93dca758a267e835fa1],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncebxu.exe, , [cad83d615b203ef84ab9dd388b768e72],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncsiqa.exe, , [b8ea5846d1aa9c9acd36ea2bb84959a7],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncvfvmdy.exe, , [faa8c3db87f47cba63a0ce47bd44b24e],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1, , [4d558a14bcbf85b1f14be7d18181e917],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11, , [089ac0de9edd67cf07357444ef13d32d],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2, , [bae807975427df574af2991f3dc5758b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3, , [5250dac4d1aa5ed8f24ab9ff08fa9967],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4, , [c2e00698fe7dbd7990ac0aaeab570ff1],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5, , [19897628dd9ec76f122aae0ab84a51af],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6, , [465c39657803a2940c305860ed1531cf],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7, , [5e44306e9fdc04324eee9622e31f35cb],
PUP.Optional.Superfish.A, C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [01a1623c562549ed39a312b5887a956b],
PUP.Optional.Superfish.A, C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [0b977b233348b77fd00c4483e81aa65a],
Trojan.Script, C:\Windows\SysWOW64\msulvvxd.vbe, , [d4ce435b97e4191db102f1efe919ca36],
PUP.Optional.Kango.A, C:\ProgramData\Microsoft\Windows\DRM\Server\notificatoin_1.0.0.crx, , [3171ecb233482016a77f25e1c04433cd],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra\unins000.dat, , [5c46bae4bbc0af87b161f3187a8a867a],
Trojan.Agent.CK, C:\Program Files (x86)\Minecraft 1.5.2 plna hra\unins000.exe, , [5c46bae4bbc0af87b161f3187a8a867a],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-1.job, , [5b47b9e50774ea4cf3089383877da060],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-11.job, , [554d138b4a3140f69269fa1c699b9d63],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-2.job, , [5d45108e6714dd599e5dc74fe71d50b0],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-3.job, , [dcc6d0ce8bf040f636c5db3b24e0c739],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-4.job, , [ced4029ca3d8b0869c5f70a66f957888],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-5.job, , [b3eff1ad57244aeccf2c3fd79e66f10f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-6.job, , [5a48287687f42a0ccc2f8f87bd47946c],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96431e5d-5723-4d78-ae7b-7096d51b336b-7.job, , [7032d0ce7efd7bbbf00bb75f956fa55b],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [e7bbbfdfccaf1f17e031a374f4103ac6],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [1f83772752291d19779b67b093712ed2],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [1c869e0096e573c37d964ccbf3119b65],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [a101217d7704171fd93bda3dc83c30d0],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\diablo130302.cl, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\diakgcn121016.cl, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libcurl-4.dll, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libeay32.dll, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libidn-11.dll, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\librtmp.dll, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\libssh2.dll, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\phatk121016.cl, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\poclbm130302.cl, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\scrypt130511.cl, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\ssleay32.dll, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\zlib1.dll, , [485a148a57248aac15c4dbc4b34f7c84],
Trojan.Agent.BCM, C:\Windows\inf\mnchlfwgb\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [485a148a57248aac15c4dbc4b34f7c84],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\1293297481.mxaddon, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\360-58362.crx, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\58362.crx, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\58362.xpi, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\96431e5d-5723-4d78-ae7b-7096d51b336b.crx, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\background.html, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\bgNova.html, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho.dll, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4-bho64.dll, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Plus-HD-V1.4.ico, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-V1.4\Uninstall.exe, , [d8cabce2d3a8c274f593297d43bf26da],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [5b47623c394255e1eec9892e54aeba46],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [5b47623c394255e1eec9892e54aeba46],

Physical Sectors: 0
(No malicious items detected)

(end)

VIRY.CZ

Problem s Chrome

Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome

Re: Problem s Chrome