
PC virus removal, computer speed-up, remote help through the neslape.cz service
Please check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved. So will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check
Logfile of random's system information tool 1.10 (written by random/random)
Run by Elen at 2016-03-23 13:55:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 141 GB (48%) free of 296 GB
Total RAM: 3824 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:06, on 23. 3. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\trend micro\Elen.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: BHOHOOK - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NeroMediaHomeUser.4')
O4 - S-1-5-21-135267206-3340581296-3271041078-1005 User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'NeroMediaHomeUser.4')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10501 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
winlogon.exe
"C:\Program Files\Fingerprint Sensor\ATService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\hasplms.exe -run
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe"
"C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe"
openvpn --service openvpn_exit_1 1 --config "komandordialog.ovpn"
\??\C:\windows\system32\conhost.exe "127968731917311445031346049813-175677622520860592902005637544722163727-2005657896
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
"C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
taskeng.exe {ADAA0F55-E544-4127-A990-E75C707FB93E}
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\windows\Explorer.EXE
WLIDSvcM.exe 3004
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
C:\windows\System32\alg.exe
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\windows\system32\GWX\GWX.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\ESET\ESET Smart Security\\eOPPFrame.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\ROYAL\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
=========Mozilla firefox=========
ProfilePath - C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458
prefs.js - "browser.startup.homepage" - "www.google.sk"
"{C1CA7765-44E4-452e-9D00-A04F3D434281}"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprpplugin.dll
C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\extensions\
{a00bef25-f21a-4539-adbb-b179b29e2b92}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-18 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-18 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9}]
TFPUPWDBankBHO Class - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll [2009-12-23 45488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"=C:\windows\system32\thpsrv /logon []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-07-28 161304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-07-28 386584]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-07-28 415256]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFNetworkScanUtility]
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [2012-09-27 486552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [2012-12-20 5179880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 595504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2009-11-05 2717024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\windows\Installer\{F329E07A-96A2-46C6-94F4-2F35868FA2ED}\app_icon.ico []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk]
C:\PROGRA~2\UNIVER~1\UMS.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-07-28 271360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-03-23 13:55:03 ----D---- C:\rsit
2016-03-23 13:55:03 ----D---- C:\Program Files\trend micro
2016-03-19 20:29:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-18 15:33:14 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll
2016-03-18 15:32:44 ----D---- C:\Program Files\Java
2016-03-14 13:11:39 ----D---- C:\Program Files (x86)\LG Electronics
2016-03-09 11:18:27 ----A---- C:\windows\system32\ntoskrnl.exe
2016-03-09 11:18:26 ----A---- C:\windows\system32\ntdll.dll
2016-03-09 11:18:25 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-03-09 11:18:25 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-03-09 11:18:25 ----A---- C:\windows\system32\KernelBase.dll
2016-03-09 11:18:25 ----A---- C:\windows\system32\kerberos.dll
2016-03-09 11:18:24 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 11:18:24 ----A---- C:\windows\system32\kernel32.dll
2016-03-09 11:18:23 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-03-09 11:18:23 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-03-09 11:18:23 ----A---- C:\windows\system32\advapi32.dll
2016-03-09 11:18:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-03-09 11:18:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-03-09 11:18:21 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-03-09 11:18:20 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\smss.exe
2016-03-09 11:18:20 ----A---- C:\windows\system32\schannel.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\rpcrt4.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\lsasrv.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-03-09 11:18:18 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\wow64win.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\srcore.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\msv1_0.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-03-09 11:18:17 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\wow64.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\winsrv.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\wdigest.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\TSpkg.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\sspicli.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\ncrypt.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\conhost.exe
2016-03-09 11:18:16 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-03-09 11:18:16 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-03-09 11:18:16 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-03-09 11:18:16 ----A---- C:\windows\system32\lsass.exe
2016-03-09 11:18:16 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-03-09 11:18:16 ----A---- C:\windows\system32\csrsrv.dll
2016-03-09 11:18:15 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\wow64cpu.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\sspisrv.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\srclient.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\secur32.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\cryptbase.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-03-09 11:18:14 ----A---- C:\windows\system32\rstrui.exe
2016-03-09 11:18:14 ----A---- C:\windows\system32\ntvdm64.dll
2016-03-09 11:18:14 ----A---- C:\windows\system32\credssp.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-03-09 11:18:13 ----A---- C:\windows\system32\auditpol.exe
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\user.exe
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-03-09 11:18:11 ----A---- C:\windows\system32\apisetschema.dll
2016-03-09 11:18:10 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-03-09 11:18:10 ----A---- C:\windows\system32\adtschema.dll
2016-03-09 11:18:09 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-03-09 11:18:09 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-03-09 11:18:09 ----A---- C:\windows\system32\msobjs.dll
2016-03-09 11:18:09 ----A---- C:\windows\system32\msaudite.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\iertutil.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\iernonce.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\ieetwcollector.exe
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\occache.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-03-09 11:17:19 ----A---- C:\windows\system32\inseng.dll
2016-03-09 11:17:19 ----A---- C:\windows\system32\ie4uinit.exe
2016-03-09 11:17:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-03-09 11:17:18 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-03-09 11:17:18 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-03-09 11:17:18 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 11:17:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-03-09 11:17:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-03-09 11:17:17 ----A---- C:\windows\system32\occache.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-03-09 11:17:16 ----A---- C:\windows\system32\urlmon.dll
2016-03-09 11:17:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-09 11:17:16 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-03-09 11:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2016-03-09 11:17:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-03-09 11:17:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-03-09 11:17:15 ----A---- C:\windows\system32\msfeeds.dll
2016-03-09 11:17:15 ----A---- C:\windows\system32\dxtrans.dll
2016-03-09 11:17:14 ----A---- C:\windows\system32\iesetup.dll
2016-03-09 11:17:14 ----A---- C:\windows\system32\ieapfltr.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-03-09 11:17:13 ----A---- C:\windows\system32\vbscript.dll
2016-03-09 11:17:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-03-09 11:17:12 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-03-09 11:17:12 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-03-09 11:17:12 ----A---- C:\windows\system32\jsproxy.dll
2016-03-09 11:17:11 ----A---- C:\windows\system32\ieui.dll
2016-03-09 11:17:11 ----A---- C:\windows\system32\ieframe.dll
2016-03-09 11:17:11 ----A---- C:\windows\system32\dxtmsft.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\webcheck.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\mshtmled.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\ieUnatt.exe
2016-03-09 11:17:09 ----A---- C:\windows\system32\wininet.dll
2016-03-09 11:17:09 ----A---- C:\windows\system32\jscript9diag.dll
2016-03-09 11:17:09 ----A---- C:\windows\system32\jscript9.dll
2016-03-09 11:17:09 ----A---- C:\windows\system32\jscript.dll
2016-03-09 11:17:07 ----A---- C:\windows\system32\msrating.dll
2016-03-09 11:17:07 ----A---- C:\windows\system32\MshtmlDac.dll
2016-03-09 11:17:06 ----A---- C:\windows\system32\mshtml.dll
2016-03-09 11:16:39 ----A---- C:\windows\system32\win32k.sys
2016-03-09 11:16:37 ----A---- C:\windows\system32\atmfd.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\lpk.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\fontsub.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\dciman32.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\atmlib.dll
2016-03-09 11:16:34 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2016-03-09 11:16:32 ----A---- C:\windows\SYSWOW64\mfds.dll
2016-03-09 11:16:32 ----A---- C:\windows\system32\mfds.dll
2016-03-09 11:16:31 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-03-09 11:16:31 ----A---- C:\windows\system32\oleaut32.dll
2016-03-09 11:16:31 ----A---- C:\windows\system32\asycfilt.dll
2016-03-09 11:16:30 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2016-03-09 11:03:01 ----A---- C:\windows\system32\seclogon.dll
2016-03-09 11:02:36 ----A---- C:\windows\system32\wmp.dll
2016-03-09 11:02:35 ----A---- C:\windows\SYSWOW64\wmp.dll
2016-03-09 11:02:35 ----A---- C:\windows\system32\spwmp.dll
2016-03-09 11:02:34 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2016-03-09 11:02:34 ----A---- C:\windows\SYSWOW64\spwmp.dll
2016-03-09 11:02:34 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2016-03-09 11:02:34 ----A---- C:\windows\system32\wmploc.DLL
2016-03-09 11:02:34 ----A---- C:\windows\system32\dxmasf.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wups.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuwebv.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wups2.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wups.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wudriver.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wucltux.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuaueng.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuauclt.exe
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuapp.exe
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuapi.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\WinSetupUI.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\invagent.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\generaltel.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\devinv.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-03-04 11:43:27 ----A---- C:\windows\system32\appraiser.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\aeinv.dll
2016-03-04 11:43:26 ----A---- C:\windows\system32\acmigration.dll
2016-03-04 10:32:16 ----A---- C:\windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-03-04 10:31:22 ----D---- C:\Users\ROYAL\AppData\Roaming\ProductData
2016-03-04 10:31:18 ----D---- C:\ProgramData\ProductData
2016-03-04 10:31:14 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-03-04 10:30:32 ----D---- C:\Users\ROYAL\AppData\Roaming\IObit
2016-03-04 10:30:19 ----D---- C:\ProgramData\IObit
2016-03-04 10:30:19 ----D---- C:\Program Files (x86)\IObit
======List of files/folders modified in the last 1 month======
2016-03-23 13:55:03 ----RD---- C:\Program Files
2016-03-23 13:54:51 ----D---- C:\windows\Temp
2016-03-23 10:20:23 ----D---- C:\windows\winsxs
2016-03-23 10:14:27 ----D---- C:\windows\Prefetch
2016-03-23 08:40:39 ----D---- C:\windows\system32\Tasks
2016-03-23 08:40:04 ----D---- C:\windows\system32\config
2016-03-23 08:38:55 ----D---- C:\ProgramData\LogMeIn
2016-03-23 08:38:48 ----A---- C:\windows\SYSWOW64\log.txt
2016-03-23 08:38:33 ----AD---- C:\Windows
2016-03-23 08:38:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-22 13:07:21 ----D---- C:\windows\inf
2016-03-22 13:07:21 ----AD---- C:\windows\System32
2016-03-22 13:07:21 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-19 21:29:54 ----D---- C:\Program Files (x86)
2016-03-19 20:02:14 ----D---- C:\Program Files (x86)\LogMeIn
2016-03-19 20:01:10 ----A---- C:\windows\system32\LMIRfsClientNP.dll
2016-03-19 20:01:08 ----A---- C:\windows\system32\LMIinit.dll
2016-03-18 16:05:30 ----D---- C:\windows\debug
2016-03-18 15:33:54 ----SHD---- C:\windows\Installer
2016-03-17 14:05:21 ----D---- C:\windows\system32\DriverStore
2016-03-16 13:05:32 ----D---- C:\Users\ROYAL\AppData\Roaming\vlc
2016-03-14 13:12:12 ----SHD---- C:\System Volume Information
2016-03-11 14:32:22 ----D---- C:\windows\SysWOW64
2016-03-11 14:32:20 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-03-11 13:34:33 ----A---- C:\windows\system32\LMIRfsClientNP.dll.000.bak
2016-03-09 16:46:15 ----D---- C:\windows\rescache
2016-03-09 16:17:02 ----D---- C:\windows\Microsoft.NET
2016-03-09 16:16:31 ----RSD---- C:\windows\assembly
2016-03-09 15:49:07 ----D---- C:\windows\SYSWOW64\sk-SK
2016-03-09 15:49:07 ----D---- C:\windows\SYSWOW64\en-US
2016-03-09 15:49:07 ----D---- C:\windows\system32\sk-SK
2016-03-09 15:49:07 ----D---- C:\Program Files\Internet Explorer
2016-03-09 15:49:06 ----D---- C:\windows\system32\en-US
2016-03-09 15:49:05 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 15:49:03 ----D---- C:\windows\system32\drivers
2016-03-09 15:49:03 ----D---- C:\windows\AppPatch
2016-03-09 15:49:01 ----D---- C:\Program Files\Windows Media Player
2016-03-09 15:49:01 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 14:26:08 ----D---- C:\ProgramData
2016-03-09 13:02:42 ----D---- C:\ProgramData\Microsoft Help
2016-03-09 11:52:58 ----D---- C:\windows\system32\MRT
2016-03-09 11:25:55 ----A---- C:\windows\system32\MRT.exe
2016-03-09 11:06:51 ----D---- C:\windows\system32\catroot2
2016-03-04 12:46:57 ----SD---- C:\ProgramData\Microsoft
2016-03-04 12:01:14 ----D---- C:\windows\SoftwareDistribution
2016-03-04 11:44:07 ----D---- C:\windows\system32\appraiser
2016-03-04 10:36:54 ----D---- C:\windows\Panther
2016-03-04 10:32:16 ----D---- C:\windows\SYSWOW64\drivers
2016-03-04 10:31:07 ----D---- C:\windows\Tasks
2016-03-04 10:30:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-02 19:51:35 ----A---- C:\windows\system32\LMIport.dll
2016-02-27 14:39:12 ----SD---- C:\windows\SYSWOW64\GWX
2016-02-27 14:39:12 ----SD---- C:\windows\system32\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2016-03-17 84800]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2010-05-08 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2016-03-17 264552]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-12-19 186784]
R1 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2016-03-17 198096]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2016-03-17 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-03-04 27552]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2011-11-24 78208]
R2 aksfridge;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2011-11-24 139592]
R2 ekbdflt;ekbdflt; C:\windows\system32\DRIVERS\ekbdflt.sys [2015-12-19 142976]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2011-10-07 321536]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-05-29 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2011-01-11 72216]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-11-27 80384]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2009-11-27 267824]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\windows\System32\Drivers\ATSwpWDF.sys [2010-05-20 770152]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\windows\system32\DRIVERS\e1k62x64.sys [2010-01-14 295088]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2009-10-30 2020512]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-08 271872]
R3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys [2011-01-11 11552]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tap0901;TAP-Win32 Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2008-11-19 29696]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 akshasp;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2009-03-13 53760]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2011-09-08 57088]
S3 aksusb;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2011-08-09 21120]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\windows\system32\DRIVERS\lgandnetbus64.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusb_cdcacm;hwusb_cdcacm; C:\windows\system32\DRIVERS\ew_cdcacm.sys []
S3 hwusb_wwanecm;hwusb_wwanecm; C:\windows\system32\DRIVERS\ew_wwanecm.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-11-14 2723576]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2009-07-31 5762408]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-03-17 2521440]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2011-12-02 4913608]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2016-03-19 417288]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2016-03-19 508424]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2011-01-11 407424]
R2 NeroMediaHomeService.4;Nero MediaHome 4 Service; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [2012-12-20 518632]
R2 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2008-11-19 15872]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-02-25 252928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-19 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Samsung UPD Service2;Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [2011-12-02 165456]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 193904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-05 824688]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10501 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
winlogon.exe
"C:\Program Files\Fingerprint Sensor\ATService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\hasplms.exe -run
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe"
"C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe"
openvpn --service openvpn_exit_1 1 --config "komandordialog.ovpn"
\??\C:\windows\system32\conhost.exe "127968731917311445031346049813-175677622520860592902005637544722163727-2005657896
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
"C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
taskeng.exe {ADAA0F55-E544-4127-A990-E75C707FB93E}
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\windows\Explorer.EXE
WLIDSvcM.exe 3004
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
C:\windows\System32\alg.exe
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\windows\system32\GWX\GWX.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\ESET\ESET Smart Security\\eOPPFrame.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\ROYAL\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
=========Mozilla firefox=========
ProfilePath - C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458
prefs.js - "browser.startup.homepage" - "www.google.sk"
"{C1CA7765-44E4-452e-9D00-A04F3D434281}"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprpplugin.dll
C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\extensions\
{a00bef25-f21a-4539-adbb-b179b29e2b92}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-18 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-18 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9}]
TFPUPWDBankBHO Class - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll [2009-12-23 45488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"=C:\windows\system32\thpsrv /logon []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-07-28 161304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-07-28 386584]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-07-28 415256]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFNetworkScanUtility]
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [2012-09-27 486552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [2012-12-20 5179880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 595504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2009-11-05 2717024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\windows\Installer\{F329E07A-96A2-46C6-94F4-2F35868FA2ED}\app_icon.ico []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk]
C:\PROGRA~2\UNIVER~1\UMS.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-07-28 271360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-03-23 13:55:03 ----D---- C:\rsit
2016-03-23 13:55:03 ----D---- C:\Program Files\trend micro
2016-03-19 20:29:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-18 15:33:14 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll
2016-03-18 15:32:44 ----D---- C:\Program Files\Java
2016-03-14 13:11:39 ----D---- C:\Program Files (x86)\LG Electronics
2016-03-09 11:18:27 ----A---- C:\windows\system32\ntoskrnl.exe
2016-03-09 11:18:26 ----A---- C:\windows\system32\ntdll.dll
2016-03-09 11:18:25 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-03-09 11:18:25 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-03-09 11:18:25 ----A---- C:\windows\system32\KernelBase.dll
2016-03-09 11:18:25 ----A---- C:\windows\system32\kerberos.dll
2016-03-09 11:18:24 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 11:18:24 ----A---- C:\windows\system32\kernel32.dll
2016-03-09 11:18:23 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-03-09 11:18:23 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-03-09 11:18:23 ----A---- C:\windows\system32\advapi32.dll
2016-03-09 11:18:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-03-09 11:18:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-03-09 11:18:21 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-03-09 11:18:20 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\smss.exe
2016-03-09 11:18:20 ----A---- C:\windows\system32\schannel.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\rpcrt4.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\lsasrv.dll
2016-03-09 11:18:20 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-03-09 11:18:18 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\wow64win.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\srcore.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\msv1_0.dll
2016-03-09 11:18:18 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-03-09 11:18:17 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\wow64.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\winsrv.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\wdigest.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\TSpkg.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\sspicli.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\ncrypt.dll
2016-03-09 11:18:17 ----A---- C:\windows\system32\conhost.exe
2016-03-09 11:18:16 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-03-09 11:18:16 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-03-09 11:18:16 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-03-09 11:18:16 ----A---- C:\windows\system32\lsass.exe
2016-03-09 11:18:16 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-03-09 11:18:16 ----A---- C:\windows\system32\csrsrv.dll
2016-03-09 11:18:15 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\wow64cpu.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\sspisrv.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\srclient.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\secur32.dll
2016-03-09 11:18:15 ----A---- C:\windows\system32\cryptbase.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-03-09 11:18:14 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-03-09 11:18:14 ----A---- C:\windows\system32\rstrui.exe
2016-03-09 11:18:14 ----A---- C:\windows\system32\ntvdm64.dll
2016-03-09 11:18:14 ----A---- C:\windows\system32\credssp.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-03-09 11:18:13 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-03-09 11:18:13 ----A---- C:\windows\system32\auditpol.exe
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:18:12 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:18:11 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\user.exe
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-03-09 11:18:11 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-03-09 11:18:11 ----A---- C:\windows\system32\apisetschema.dll
2016-03-09 11:18:10 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-03-09 11:18:10 ----A---- C:\windows\system32\adtschema.dll
2016-03-09 11:18:09 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-03-09 11:18:09 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-03-09 11:18:09 ----A---- C:\windows\system32\msobjs.dll
2016-03-09 11:18:09 ----A---- C:\windows\system32\msaudite.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-03-09 11:17:20 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\iertutil.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\iernonce.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-03-09 11:17:20 ----A---- C:\windows\system32\ieetwcollector.exe
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\occache.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 11:17:19 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-03-09 11:17:19 ----A---- C:\windows\system32\inseng.dll
2016-03-09 11:17:19 ----A---- C:\windows\system32\ie4uinit.exe
2016-03-09 11:17:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-03-09 11:17:18 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-03-09 11:17:18 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-03-09 11:17:18 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 11:17:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-03-09 11:17:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-03-09 11:17:17 ----A---- C:\windows\system32\occache.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-03-09 11:17:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-03-09 11:17:16 ----A---- C:\windows\system32\urlmon.dll
2016-03-09 11:17:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-09 11:17:16 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-03-09 11:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2016-03-09 11:17:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-03-09 11:17:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-03-09 11:17:15 ----A---- C:\windows\system32\msfeeds.dll
2016-03-09 11:17:15 ----A---- C:\windows\system32\dxtrans.dll
2016-03-09 11:17:14 ----A---- C:\windows\system32\iesetup.dll
2016-03-09 11:17:14 ----A---- C:\windows\system32\ieapfltr.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-03-09 11:17:13 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-03-09 11:17:13 ----A---- C:\windows\system32\vbscript.dll
2016-03-09 11:17:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-03-09 11:17:12 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-03-09 11:17:12 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-03-09 11:17:12 ----A---- C:\windows\system32\jsproxy.dll
2016-03-09 11:17:11 ----A---- C:\windows\system32\ieui.dll
2016-03-09 11:17:11 ----A---- C:\windows\system32\ieframe.dll
2016-03-09 11:17:11 ----A---- C:\windows\system32\dxtmsft.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\webcheck.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\mshtmled.dll
2016-03-09 11:17:10 ----A---- C:\windows\system32\ieUnatt.exe
2016-03-09 11:17:09 ----A---- C:\windows\system32\wininet.dll
2016-03-09 11:17:09 ----A---- C:\windows\system32\jscript9diag.dll
2016-03-09 11:17:09 ----A---- C:\windows\system32\jscript9.dll
2016-03-09 11:17:09 ----A---- C:\windows\system32\jscript.dll
2016-03-09 11:17:07 ----A---- C:\windows\system32\msrating.dll
2016-03-09 11:17:07 ----A---- C:\windows\system32\MshtmlDac.dll
2016-03-09 11:17:06 ----A---- C:\windows\system32\mshtml.dll
2016-03-09 11:16:39 ----A---- C:\windows\system32\win32k.sys
2016-03-09 11:16:37 ----A---- C:\windows\system32\atmfd.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-03-09 11:16:36 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\lpk.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\fontsub.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\dciman32.dll
2016-03-09 11:16:36 ----A---- C:\windows\system32\atmlib.dll
2016-03-09 11:16:34 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2016-03-09 11:16:32 ----A---- C:\windows\SYSWOW64\mfds.dll
2016-03-09 11:16:32 ----A---- C:\windows\system32\mfds.dll
2016-03-09 11:16:31 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-03-09 11:16:31 ----A---- C:\windows\system32\oleaut32.dll
2016-03-09 11:16:31 ----A---- C:\windows\system32\asycfilt.dll
2016-03-09 11:16:30 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2016-03-09 11:03:01 ----A---- C:\windows\system32\seclogon.dll
2016-03-09 11:02:36 ----A---- C:\windows\system32\wmp.dll
2016-03-09 11:02:35 ----A---- C:\windows\SYSWOW64\wmp.dll
2016-03-09 11:02:35 ----A---- C:\windows\system32\spwmp.dll
2016-03-09 11:02:34 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2016-03-09 11:02:34 ----A---- C:\windows\SYSWOW64\spwmp.dll
2016-03-09 11:02:34 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2016-03-09 11:02:34 ----A---- C:\windows\system32\wmploc.DLL
2016-03-09 11:02:34 ----A---- C:\windows\system32\dxmasf.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wups.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-03-04 11:43:29 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuwebv.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wups2.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wups.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wudriver.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wucltux.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuaueng.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuauclt.exe
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuapp.exe
2016-03-04 11:43:29 ----A---- C:\windows\system32\wuapi.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-03-04 11:43:29 ----A---- C:\windows\system32\WinSetupUI.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\invagent.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\generaltel.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\devinv.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-03-04 11:43:27 ----A---- C:\windows\system32\appraiser.dll
2016-03-04 11:43:27 ----A---- C:\windows\system32\aeinv.dll
2016-03-04 11:43:26 ----A---- C:\windows\system32\acmigration.dll
2016-03-04 10:32:16 ----A---- C:\windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-03-04 10:31:22 ----D---- C:\Users\ROYAL\AppData\Roaming\ProductData
2016-03-04 10:31:18 ----D---- C:\ProgramData\ProductData
2016-03-04 10:31:14 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-03-04 10:30:32 ----D---- C:\Users\ROYAL\AppData\Roaming\IObit
2016-03-04 10:30:19 ----D---- C:\ProgramData\IObit
2016-03-04 10:30:19 ----D---- C:\Program Files (x86)\IObit
======List of files/folders modified in the last 1 month======
2016-03-23 13:55:03 ----RD---- C:\Program Files
2016-03-23 13:54:51 ----D---- C:\windows\Temp
2016-03-23 10:20:23 ----D---- C:\windows\winsxs
2016-03-23 10:14:27 ----D---- C:\windows\Prefetch
2016-03-23 08:40:39 ----D---- C:\windows\system32\Tasks
2016-03-23 08:40:04 ----D---- C:\windows\system32\config
2016-03-23 08:38:55 ----D---- C:\ProgramData\LogMeIn
2016-03-23 08:38:48 ----A---- C:\windows\SYSWOW64\log.txt
2016-03-23 08:38:33 ----AD---- C:\Windows
2016-03-23 08:38:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-22 13:07:21 ----D---- C:\windows\inf
2016-03-22 13:07:21 ----AD---- C:\windows\System32
2016-03-22 13:07:21 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-19 21:29:54 ----D---- C:\Program Files (x86)
2016-03-19 20:02:14 ----D---- C:\Program Files (x86)\LogMeIn
2016-03-19 20:01:10 ----A---- C:\windows\system32\LMIRfsClientNP.dll
2016-03-19 20:01:08 ----A---- C:\windows\system32\LMIinit.dll
2016-03-18 16:05:30 ----D---- C:\windows\debug
2016-03-18 15:33:54 ----SHD---- C:\windows\Installer
2016-03-17 14:05:21 ----D---- C:\windows\system32\DriverStore
2016-03-16 13:05:32 ----D---- C:\Users\ROYAL\AppData\Roaming\vlc
2016-03-14 13:12:12 ----SHD---- C:\System Volume Information
2016-03-11 14:32:22 ----D---- C:\windows\SysWOW64
2016-03-11 14:32:20 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-03-11 13:34:33 ----A---- C:\windows\system32\LMIRfsClientNP.dll.000.bak
2016-03-09 16:46:15 ----D---- C:\windows\rescache
2016-03-09 16:17:02 ----D---- C:\windows\Microsoft.NET
2016-03-09 16:16:31 ----RSD---- C:\windows\assembly
2016-03-09 15:49:07 ----D---- C:\windows\SYSWOW64\sk-SK
2016-03-09 15:49:07 ----D---- C:\windows\SYSWOW64\en-US
2016-03-09 15:49:07 ----D---- C:\windows\system32\sk-SK
2016-03-09 15:49:07 ----D---- C:\Program Files\Internet Explorer
2016-03-09 15:49:06 ----D---- C:\windows\system32\en-US
2016-03-09 15:49:05 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 15:49:03 ----D---- C:\windows\system32\drivers
2016-03-09 15:49:03 ----D---- C:\windows\AppPatch
2016-03-09 15:49:01 ----D---- C:\Program Files\Windows Media Player
2016-03-09 15:49:01 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 14:26:08 ----D---- C:\ProgramData
2016-03-09 13:02:42 ----D---- C:\ProgramData\Microsoft Help
2016-03-09 11:52:58 ----D---- C:\windows\system32\MRT
2016-03-09 11:25:55 ----A---- C:\windows\system32\MRT.exe
2016-03-09 11:06:51 ----D---- C:\windows\system32\catroot2
2016-03-04 12:46:57 ----SD---- C:\ProgramData\Microsoft
2016-03-04 12:01:14 ----D---- C:\windows\SoftwareDistribution
2016-03-04 11:44:07 ----D---- C:\windows\system32\appraiser
2016-03-04 10:36:54 ----D---- C:\windows\Panther
2016-03-04 10:32:16 ----D---- C:\windows\SYSWOW64\drivers
2016-03-04 10:31:07 ----D---- C:\windows\Tasks
2016-03-04 10:30:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-02 19:51:35 ----A---- C:\windows\system32\LMIport.dll
2016-02-27 14:39:12 ----SD---- C:\windows\SYSWOW64\GWX
2016-02-27 14:39:12 ----SD---- C:\windows\system32\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2016-03-17 84800]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2010-05-08 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2016-03-17 264552]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-12-19 186784]
R1 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2016-03-17 198096]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2016-03-17 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-03-04 27552]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2011-11-24 78208]
R2 aksfridge;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2011-11-24 139592]
R2 ekbdflt;ekbdflt; C:\windows\system32\DRIVERS\ekbdflt.sys [2015-12-19 142976]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2011-10-07 321536]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-05-29 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2011-01-11 72216]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-11-27 80384]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2009-11-27 267824]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\windows\System32\Drivers\ATSwpWDF.sys [2010-05-20 770152]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\windows\system32\DRIVERS\e1k62x64.sys [2010-01-14 295088]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2009-10-30 2020512]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-08 271872]
R3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys [2011-01-11 11552]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tap0901;TAP-Win32 Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2008-11-19 29696]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 akshasp;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2009-03-13 53760]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2011-09-08 57088]
S3 aksusb;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2011-08-09 21120]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\windows\system32\DRIVERS\lgandnetbus64.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusb_cdcacm;hwusb_cdcacm; C:\windows\system32\DRIVERS\ew_cdcacm.sys []
S3 hwusb_wwanecm;hwusb_wwanecm; C:\windows\system32\DRIVERS\ew_wwanecm.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-11-14 2723576]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2009-07-31 5762408]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-03-17 2521440]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2011-12-02 4913608]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2016-03-19 417288]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2016-03-19 508424]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2011-01-11 407424]
R2 NeroMediaHomeService.4;Nero MediaHome 4 Service; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [2012-12-20 518632]
R2 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2008-11-19 15872]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-02-25 252928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-19 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Samsung UPD Service2;Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [2011-12-02 165456]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 193904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-05 824688]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Re: Requesting a check
Hi, uninstall everything from IObit.
Delete unneeded files
using CCleaner
instructions:
Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system
Download and run AdwCleaner,
close all programs including the browser and launch it with a double-click;
a window appears, where you click Scan at the top left.
When the scan finishes, click Clean;
the PC will restart, during which the junk is deleted.
After that, copy the Report here for me.
Re: Requesting a check
I can't even delete the iobit folder.
# AdwCleaner v5.105 - Logfile created 24/03/2016 at 11:48:10
# Updated 21/03/2016 by Xplode
# Database : 2016-03-24.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Elen - ROYAL05
# Running from : C:\Users\ROYAL\Desktop\adwcleaner_5.105.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : DRIVERTOOLKIT AUTORUN
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\user.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\user.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1466 bytes] - [24/03/2016 11:48:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [1499 bytes] - [24/03/2016 11:45:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1612 bytes] ##########
Re: Requesting a check
Royksopp wrote: I can't even delete the iobit folder.
We'll fix that. Download and run OTMoveIt,
into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:
:processes
explorer.exe
:files
C:\Program Files (x86)\IObit
C:\Users\ROYAL\AppData\Roaming\IObit
C:\ProgramData\IObit
:services
LiveUpdateSvc
:commands
[purity]
[emptytemp]
[start explorer]
if the application asks for a restart, click YES
in that case, copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
Re: Requesting a check
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\Program Files (x86)\IObit not found.
C:\Users\ROYAL\AppData\Roaming\IObit\IObit Uninstaller\UMLog folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Driver Booster\Logs\Scan folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Driver Booster\Logs\Main folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Driver Booster\Logs\Install folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Driver Booster\Logs folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Driver Booster folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\ShortcutPublic folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager\Shortcut folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\Startup Manager folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\ProgramDeactivator folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\LogBackupboottime folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\LogBackup folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\Log folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\Internet Booster folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\Homepage Protection folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit\Advanced SystemCare folder moved successfully.
C:\Users\ROYAL\AppData\Roaming\IObit folder moved successfully.
C:\ProgramData\IObit\Driver Booster\License folder moved successfully.
C:\ProgramData\IObit\Driver Booster folder moved successfully.
C:\ProgramData\IObit\ASCDownloader\ASC9 folder moved successfully.
C:\ProgramData\IObit\ASCDownloader folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare\Startup Manager folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare\smBootTime folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection folder moved successfully.
C:\ProgramData\IObit\Advanced SystemCare folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
========== SERVICES/DRIVERS ==========
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Knappova
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: krondiak
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: NeroMediaHomeUser.4
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: ROYAL
->Temp folder emptied: 2530028 bytes
->Temporary Internet Files folder emptied: 1099201 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 9232691 bytes
->Flash cache emptied: 540 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8414058 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 20,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 03292016_162037
Files moved on Reboot...
C:\Users\ROYAL\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\ROYAL\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\windows\temp\TmpFile1 scheduled to be moved on reboot.
File move failed. C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Please check
Logfile of random's system information tool 1.10 (written by random/random)
Run by Elen at 2016-03-31 08:49:56
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 150 GB (51%) free of 296 GB
Total RAM: 3824 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:59, on 31. 3. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Elen.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: BHOHOOK - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NeroMediaHomeUser.4')
O4 - S-1-5-21-135267206-3340581296-3271041078-1005 User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'NeroMediaHomeUser.4')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10617 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
"C:\Program Files\Fingerprint Sensor\ATService.exe"
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\hasplms.exe -run
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
taskeng.exe {5F86318D-07D0-41BE-B808-3497F4DFD15B}
"C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe"
openvpn --service openvpn_exit_1 1 --config "komandordialog.ovpn"
taskeng.exe {2E0F4A4B-091A-4726-80CC-67883A8A8695}
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
\??\C:\windows\system32\conhost.exe "-191118200-882373762-1543220961-194288116910876688771329794363-9934300151849452982
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
"C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
WLIDSvcM.exe 824
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\System32\alg.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
C:\windows\system32\sppsvc.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\ROYAL\Desktop\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458
prefs.js - "browser.startup.homepage" - "www.google.sk"
"{C1CA7765-44E4-452e-9D00-A04F3D434281}"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprpplugin.dll
C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\extensions\
{a00bef25-f21a-4539-adbb-b179b29e2b92}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9}]
TFPUPWDBankBHO Class - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll [2009-12-23 45488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"=C:\windows\system32\thpsrv /logon []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-07-28 161304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-07-28 386584]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-07-28 415256]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-03-11 8686296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFNetworkScanUtility]
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [2012-09-27 486552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [2012-12-20 5179880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2009-11-05 2717024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\windows\Installer\{F329E07A-96A2-46C6-94F4-2F35868FA2ED}\app_icon.ico []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk]
C:\PROGRA~2\UNIVER~1\UMS.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-07-28 271360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-03-31 08:49:56 ----D---- C:\rsit
2016-03-31 08:49:56 ----D---- C:\Program Files\trend micro
2016-03-24 10:40:59 ----D---- C:\Program Files\Defraggler
2016-03-19 21:29:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-18 16:33:14 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll
2016-03-18 16:32:44 ----D---- C:\Program Files\Java
2016-03-14 14:11:39 ----D---- C:\Program Files (x86)\LG Electronics
2016-03-09 12:18:27 ----A---- C:\windows\system32\ntoskrnl.exe
2016-03-09 12:18:26 ----A---- C:\windows\system32\ntdll.dll
2016-03-09 12:18:25 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-03-09 12:18:25 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-03-09 12:18:25 ----A---- C:\windows\system32\KernelBase.dll
2016-03-09 12:18:25 ----A---- C:\windows\system32\kerberos.dll
2016-03-09 12:18:24 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 12:18:24 ----A---- C:\windows\system32\kernel32.dll
2016-03-09 12:18:23 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-03-09 12:18:23 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-03-09 12:18:23 ----A---- C:\windows\system32\advapi32.dll
2016-03-09 12:18:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-03-09 12:18:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-03-09 12:18:21 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-03-09 12:18:20 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\smss.exe
2016-03-09 12:18:20 ----A---- C:\windows\system32\schannel.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\rpcrt4.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\lsasrv.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-03-09 12:18:18 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\wow64win.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\srcore.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\msv1_0.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-03-09 12:18:17 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\wow64.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\winsrv.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\wdigest.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\TSpkg.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\sspicli.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\ncrypt.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\conhost.exe
2016-03-09 12:18:16 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-03-09 12:18:16 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-03-09 12:18:16 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-03-09 12:18:16 ----A---- C:\windows\system32\lsass.exe
2016-03-09 12:18:16 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-03-09 12:18:16 ----A---- C:\windows\system32\csrsrv.dll
2016-03-09 12:18:15 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\wow64cpu.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\sspisrv.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\srclient.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\secur32.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\cryptbase.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-03-09 12:18:14 ----A---- C:\windows\system32\rstrui.exe
2016-03-09 12:18:14 ----A---- C:\windows\system32\ntvdm64.dll
2016-03-09 12:18:14 ----A---- C:\windows\system32\credssp.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-03-09 12:18:13 ----A---- C:\windows\system32\auditpol.exe
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\user.exe
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-03-09 12:18:11 ----A---- C:\windows\system32\apisetschema.dll
2016-03-09 12:18:10 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-03-09 12:18:10 ----A---- C:\windows\system32\adtschema.dll
2016-03-09 12:18:09 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-03-09 12:18:09 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-03-09 12:18:09 ----A---- C:\windows\system32\msobjs.dll
2016-03-09 12:18:09 ----A---- C:\windows\system32\msaudite.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\iertutil.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\iernonce.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\ieetwcollector.exe
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\occache.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-03-09 12:17:19 ----A---- C:\windows\system32\inseng.dll
2016-03-09 12:17:19 ----A---- C:\windows\system32\ie4uinit.exe
2016-03-09 12:17:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-03-09 12:17:18 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-03-09 12:17:18 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-03-09 12:17:18 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 12:17:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-03-09 12:17:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-03-09 12:17:17 ----A---- C:\windows\system32\occache.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-03-09 12:17:16 ----A---- C:\windows\system32\urlmon.dll
2016-03-09 12:17:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-09 12:17:16 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-03-09 12:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2016-03-09 12:17:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-03-09 12:17:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-03-09 12:17:15 ----A---- C:\windows\system32\msfeeds.dll
2016-03-09 12:17:15 ----A---- C:\windows\system32\dxtrans.dll
2016-03-09 12:17:14 ----A---- C:\windows\system32\iesetup.dll
2016-03-09 12:17:14 ----A---- C:\windows\system32\ieapfltr.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-03-09 12:17:13 ----A---- C:\windows\system32\vbscript.dll
2016-03-09 12:17:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-03-09 12:17:12 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-03-09 12:17:12 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-03-09 12:17:12 ----A---- C:\windows\system32\jsproxy.dll
2016-03-09 12:17:11 ----A---- C:\windows\system32\ieui.dll
2016-03-09 12:17:11 ----A---- C:\windows\system32\ieframe.dll
2016-03-09 12:17:11 ----A---- C:\windows\system32\dxtmsft.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\webcheck.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\mshtmled.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\ieUnatt.exe
2016-03-09 12:17:09 ----A---- C:\windows\system32\wininet.dll
2016-03-09 12:17:09 ----A---- C:\windows\system32\jscript9diag.dll
2016-03-09 12:17:09 ----A---- C:\windows\system32\jscript9.dll
2016-03-09 12:17:09 ----A---- C:\windows\system32\jscript.dll
2016-03-09 12:17:07 ----A---- C:\windows\system32\msrating.dll
2016-03-09 12:17:07 ----A---- C:\windows\system32\MshtmlDac.dll
2016-03-09 12:17:06 ----A---- C:\windows\system32\mshtml.dll
2016-03-09 12:16:39 ----A---- C:\windows\system32\win32k.sys
2016-03-09 12:16:37 ----A---- C:\windows\system32\atmfd.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\lpk.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\fontsub.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\dciman32.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\atmlib.dll
2016-03-09 12:16:34 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2016-03-09 12:16:32 ----A---- C:\windows\SYSWOW64\mfds.dll
2016-03-09 12:16:32 ----A---- C:\windows\system32\mfds.dll
2016-03-09 12:16:31 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-03-09 12:16:31 ----A---- C:\windows\system32\oleaut32.dll
2016-03-09 12:16:31 ----A---- C:\windows\system32\asycfilt.dll
2016-03-09 12:16:30 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2016-03-09 12:03:01 ----A---- C:\windows\system32\seclogon.dll
2016-03-09 12:02:36 ----A---- C:\windows\system32\wmp.dll
2016-03-09 12:02:35 ----A---- C:\windows\SYSWOW64\wmp.dll
2016-03-09 12:02:35 ----A---- C:\windows\system32\spwmp.dll
2016-03-09 12:02:34 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2016-03-09 12:02:34 ----A---- C:\windows\SYSWOW64\spwmp.dll
2016-03-09 12:02:34 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2016-03-09 12:02:34 ----A---- C:\windows\system32\wmploc.DLL
2016-03-09 12:02:34 ----A---- C:\windows\system32\dxmasf.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wups.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuwebv.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wups2.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wups.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wudriver.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wucltux.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuaueng.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuauclt.exe
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuapp.exe
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuapi.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\WinSetupUI.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\invagent.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\generaltel.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\devinv.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-03-04 12:43:27 ----A---- C:\windows\system32\appraiser.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\aeinv.dll
2016-03-04 12:43:26 ----A---- C:\windows\system32\acmigration.dll
2016-03-04 11:32:16 ----A---- C:\windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-03-04 11:31:22 ----D---- C:\Users\ROYAL\AppData\Roaming\ProductData
2016-03-04 11:31:18 ----D---- C:\ProgramData\ProductData
======List of files/folders modified in the last 1 month======
2016-03-31 08:49:59 ----D---- C:\windows\Prefetch
2016-03-31 08:49:56 ----RD---- C:\Program Files
2016-03-31 08:49:43 ----D---- C:\windows\Temp
2016-03-31 08:48:42 ----D---- C:\windows\inf
2016-03-31 08:48:42 ----AD---- C:\windows\System32
2016-03-31 08:48:42 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-31 08:44:23 ----D---- C:\windows\system32\config
2016-03-31 08:43:33 ----D---- C:\ProgramData\LogMeIn
2016-03-31 08:43:26 ----D---- C:\windows\system32\Tasks
2016-03-31 08:43:18 ----A---- C:\windows\SYSWOW64\log.txt
2016-03-30 14:52:01 ----D---- C:\ProgramData
2016-03-30 10:47:53 ----AD---- C:\Windows
2016-03-28 15:04:16 ----SHD---- C:\windows\Installer
2016-03-24 15:32:21 ----D---- C:\windows\SysWOW64
2016-03-24 15:32:16 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-03-24 14:49:22 ----SHD---- C:\System Volume Information
2016-03-24 14:29:52 ----D---- C:\Program Files (x86)
2016-03-24 12:48:10 ----D---- C:\windows\Tasks
2016-03-24 12:12:04 ----D---- C:\windows\winsxs
2016-03-24 12:12:00 ----SD---- C:\windows\SYSWOW64\GWX
2016-03-24 12:12:00 ----SD---- C:\windows\system32\GWX
2016-03-24 10:35:51 ----D---- C:\windows\system32\drivers
2016-03-24 09:47:18 ----D---- C:\windows\system32\catroot2
2016-03-23 09:38:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 21:02:14 ----D---- C:\Program Files (x86)\LogMeIn
2016-03-19 21:01:10 ----A---- C:\windows\system32\LMIRfsClientNP.dll
2016-03-19 21:01:08 ----A---- C:\windows\system32\LMIinit.dll
2016-03-18 17:05:30 ----D---- C:\windows\debug
2016-03-17 15:05:21 ----D---- C:\windows\system32\DriverStore
2016-03-16 14:05:32 ----D---- C:\Users\ROYAL\AppData\Roaming\vlc
2016-03-11 14:34:33 ----A---- C:\windows\system32\LMIRfsClientNP.dll.000.bak
2016-03-09 17:46:15 ----D---- C:\windows\rescache
2016-03-09 17:17:02 ----D---- C:\windows\Microsoft.NET
2016-03-09 17:16:31 ----RSD---- C:\windows\assembly
2016-03-09 16:49:07 ----D---- C:\windows\SYSWOW64\sk-SK
2016-03-09 16:49:07 ----D---- C:\windows\SYSWOW64\en-US
2016-03-09 16:49:07 ----D---- C:\windows\system32\sk-SK
2016-03-09 16:49:07 ----D---- C:\Program Files\Internet Explorer
2016-03-09 16:49:06 ----D---- C:\windows\system32\en-US
2016-03-09 16:49:05 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 16:49:03 ----D---- C:\windows\AppPatch
2016-03-09 16:49:01 ----D---- C:\Program Files\Windows Media Player
2016-03-09 16:49:01 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 14:02:42 ----D---- C:\ProgramData\Microsoft Help
2016-03-09 12:52:58 ----D---- C:\windows\system32\MRT
2016-03-09 12:25:55 ----A---- C:\windows\system32\MRT.exe
2016-03-04 13:46:57 ----SD---- C:\ProgramData\Microsoft
2016-03-04 13:01:14 ----D---- C:\windows\SoftwareDistribution
2016-03-04 12:44:07 ----D---- C:\windows\system32\appraiser
2016-03-04 11:36:54 ----D---- C:\windows\Panther
2016-03-04 11:32:16 ----D---- C:\windows\SYSWOW64\drivers
2016-03-04 11:30:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-02 20:51:35 ----A---- C:\windows\system32\LMIport.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2016-03-17 84800]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2010-05-08 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2016-03-17 264552]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-12-19 186784]
R1 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2016-03-17 198096]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2016-03-17 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-03-04 27552]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [2011-05-16 231600]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2011-11-24 78208]
R2 aksfridge;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2011-11-24 139592]
R2 ekbdflt;ekbdflt; C:\windows\system32\DRIVERS\ekbdflt.sys [2015-12-19 142976]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2011-10-07 321536]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-05-29 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2011-01-11 72216]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-11-27 80384]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2009-11-27 267824]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\windows\System32\Drivers\ATSwpWDF.sys [2010-05-20 770152]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\windows\system32\DRIVERS\e1k62x64.sys [2010-01-14 295088]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2009-10-30 2020512]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-08 271872]
R3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys [2011-01-11 11552]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tap0901;TAP-Win32 Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2008-11-19 29696]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 akshasp;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2009-03-13 53760]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2011-09-08 57088]
S3 aksusb;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2011-08-09 21120]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\windows\system32\DRIVERS\lgandnetbus64.sys [2015-01-21 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2015-01-26 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2015-01-26 37376]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusb_cdcacm;hwusb_cdcacm; C:\windows\system32\DRIVERS\ew_cdcacm.sys []
S3 hwusb_wwanecm;hwusb_wwanecm; C:\windows\system32\DRIVERS\ew_wwanecm.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-11-14 2723576]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2009-07-31 5762408]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-03-17 2521440]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2011-12-02 4913608]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2016-03-19 417288]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2016-03-19 508424]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2011-01-11 407424]
R2 NeroMediaHomeService.4;Nero MediaHome 4 Service; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [2012-12-20 518632]
R2 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2008-11-19 15872]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-02-25 252928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-19 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Samsung UPD Service2;Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [2011-12-02 165456]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 193904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-05 824688]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Well, it freezes now and then.
Run by Elen at 2016-03-31 08:49:56
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 150 GB (51%) free of 296 GB
Total RAM: 3824 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:59, on 31. 3. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Elen.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: BHOHOOK - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-135267206-3340581296-3271041078-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NeroMediaHomeUser.4')
O4 - S-1-5-21-135267206-3340581296-3271041078-1005 User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'NeroMediaHomeUser.4')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10617 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
"C:\Program Files\Fingerprint Sensor\ATService.exe"
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\hasplms.exe -run
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
taskeng.exe {5F86318D-07D0-41BE-B808-3497F4DFD15B}
"C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe"
openvpn --service openvpn_exit_1 1 --config "komandordialog.ovpn"
taskeng.exe {2E0F4A4B-091A-4726-80CC-67883A8A8695}
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
\??\C:\windows\system32\conhost.exe "-191118200-882373762-1543220961-194288116910876688771329794363-9934300151849452982
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
"C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
"C:\Windows\System32\ThpSrv.exe" /logon
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
WLIDSvcM.exe 824
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\System32\alg.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
C:\windows\system32\sppsvc.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\ROYAL\Desktop\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458
prefs.js - "browser.startup.homepage" - "www.google.sk"
"{C1CA7765-44E4-452e-9D00-A04F3D434281}"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprpplugin.dll
C:\Users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\extensions\
{a00bef25-f21a-4539-adbb-b179b29e2b92}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9}]
TFPUPWDBankBHO Class - C:\Program Files\TOSHIBA\TFPU\x86\TFPUPWDBankBHO.dll [2009-12-23 45488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"=C:\windows\system32\thpsrv /logon []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-07-28 161304]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-07-28 386584]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-07-28 415256]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-03-11 8686296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFNetworkScanUtility]
C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [2012-09-27 486552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [2012-12-20 5179880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~2\Toshiba\BLUETO~1\TosBtMng.exe [2009-11-05 2717024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\windows\Installer\{F329E07A-96A2-46C6-94F4-2F35868FA2ED}\app_icon.ico []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk]
C:\PROGRA~2\UNIVER~1\UMS.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-07-28 271360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-03-31 08:49:56 ----D---- C:\rsit
2016-03-31 08:49:56 ----D---- C:\Program Files\trend micro
2016-03-24 10:40:59 ----D---- C:\Program Files\Defraggler
2016-03-19 21:29:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-18 16:33:14 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll
2016-03-18 16:32:44 ----D---- C:\Program Files\Java
2016-03-14 14:11:39 ----D---- C:\Program Files (x86)\LG Electronics
2016-03-09 12:18:27 ----A---- C:\windows\system32\ntoskrnl.exe
2016-03-09 12:18:26 ----A---- C:\windows\system32\ntdll.dll
2016-03-09 12:18:25 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-03-09 12:18:25 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-03-09 12:18:25 ----A---- C:\windows\system32\KernelBase.dll
2016-03-09 12:18:25 ----A---- C:\windows\system32\kerberos.dll
2016-03-09 12:18:24 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 12:18:24 ----A---- C:\windows\system32\kernel32.dll
2016-03-09 12:18:23 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-03-09 12:18:23 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-03-09 12:18:23 ----A---- C:\windows\system32\advapi32.dll
2016-03-09 12:18:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-03-09 12:18:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-03-09 12:18:21 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-03-09 12:18:20 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\smss.exe
2016-03-09 12:18:20 ----A---- C:\windows\system32\schannel.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\rpcrt4.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\lsasrv.dll
2016-03-09 12:18:20 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-03-09 12:18:18 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\wow64win.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\srcore.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\msv1_0.dll
2016-03-09 12:18:18 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-03-09 12:18:17 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\wow64.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\winsrv.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\wdigest.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\TSpkg.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\sspicli.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\ncrypt.dll
2016-03-09 12:18:17 ----A---- C:\windows\system32\conhost.exe
2016-03-09 12:18:16 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-03-09 12:18:16 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-03-09 12:18:16 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-03-09 12:18:16 ----A---- C:\windows\system32\lsass.exe
2016-03-09 12:18:16 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-03-09 12:18:16 ----A---- C:\windows\system32\csrsrv.dll
2016-03-09 12:18:15 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\wow64cpu.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\sspisrv.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\srclient.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\secur32.dll
2016-03-09 12:18:15 ----A---- C:\windows\system32\cryptbase.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-03-09 12:18:14 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-03-09 12:18:14 ----A---- C:\windows\system32\rstrui.exe
2016-03-09 12:18:14 ----A---- C:\windows\system32\ntvdm64.dll
2016-03-09 12:18:14 ----A---- C:\windows\system32\credssp.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-03-09 12:18:13 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-03-09 12:18:13 ----A---- C:\windows\system32\auditpol.exe
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 12:18:12 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 12:18:11 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\user.exe
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-03-09 12:18:11 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-03-09 12:18:11 ----A---- C:\windows\system32\apisetschema.dll
2016-03-09 12:18:10 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-03-09 12:18:10 ----A---- C:\windows\system32\adtschema.dll
2016-03-09 12:18:09 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-03-09 12:18:09 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-03-09 12:18:09 ----A---- C:\windows\system32\msobjs.dll
2016-03-09 12:18:09 ----A---- C:\windows\system32\msaudite.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-03-09 12:17:20 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\iertutil.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\iernonce.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-03-09 12:17:20 ----A---- C:\windows\system32\ieetwcollector.exe
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\occache.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 12:17:19 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-03-09 12:17:19 ----A---- C:\windows\system32\inseng.dll
2016-03-09 12:17:19 ----A---- C:\windows\system32\ie4uinit.exe
2016-03-09 12:17:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-03-09 12:17:18 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-03-09 12:17:18 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-03-09 12:17:18 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 12:17:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-03-09 12:17:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-03-09 12:17:17 ----A---- C:\windows\system32\occache.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-03-09 12:17:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-03-09 12:17:16 ----A---- C:\windows\system32\urlmon.dll
2016-03-09 12:17:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-03-09 12:17:16 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-03-09 12:17:16 ----A---- C:\windows\system32\iedkcs32.dll
2016-03-09 12:17:15 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-03-09 12:17:15 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-03-09 12:17:15 ----A---- C:\windows\system32\msfeeds.dll
2016-03-09 12:17:15 ----A---- C:\windows\system32\dxtrans.dll
2016-03-09 12:17:14 ----A---- C:\windows\system32\iesetup.dll
2016-03-09 12:17:14 ----A---- C:\windows\system32\ieapfltr.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-03-09 12:17:13 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-03-09 12:17:13 ----A---- C:\windows\system32\vbscript.dll
2016-03-09 12:17:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-03-09 12:17:12 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-03-09 12:17:12 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-03-09 12:17:12 ----A---- C:\windows\system32\jsproxy.dll
2016-03-09 12:17:11 ----A---- C:\windows\system32\ieui.dll
2016-03-09 12:17:11 ----A---- C:\windows\system32\ieframe.dll
2016-03-09 12:17:11 ----A---- C:\windows\system32\dxtmsft.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\webcheck.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\mshtmled.dll
2016-03-09 12:17:10 ----A---- C:\windows\system32\ieUnatt.exe
2016-03-09 12:17:09 ----A---- C:\windows\system32\wininet.dll
2016-03-09 12:17:09 ----A---- C:\windows\system32\jscript9diag.dll
2016-03-09 12:17:09 ----A---- C:\windows\system32\jscript9.dll
2016-03-09 12:17:09 ----A---- C:\windows\system32\jscript.dll
2016-03-09 12:17:07 ----A---- C:\windows\system32\msrating.dll
2016-03-09 12:17:07 ----A---- C:\windows\system32\MshtmlDac.dll
2016-03-09 12:17:06 ----A---- C:\windows\system32\mshtml.dll
2016-03-09 12:16:39 ----A---- C:\windows\system32\win32k.sys
2016-03-09 12:16:37 ----A---- C:\windows\system32\atmfd.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\lpk.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\fontsub.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\dciman32.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\atmlib.dll
2016-03-09 12:16:36 ----A---- C:\windows\SYSWOW64\atmfd.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\lpk.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\fontsub.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\dciman32.dll
2016-03-09 12:16:36 ----A---- C:\windows\system32\atmlib.dll
2016-03-09 12:16:34 ----A---- C:\windows\system32\drivers\USBSTOR.SYS
2016-03-09 12:16:32 ----A---- C:\windows\SYSWOW64\mfds.dll
2016-03-09 12:16:32 ----A---- C:\windows\system32\mfds.dll
2016-03-09 12:16:31 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-03-09 12:16:31 ----A---- C:\windows\system32\oleaut32.dll
2016-03-09 12:16:31 ----A---- C:\windows\system32\asycfilt.dll
2016-03-09 12:16:30 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2016-03-09 12:03:01 ----A---- C:\windows\system32\seclogon.dll
2016-03-09 12:02:36 ----A---- C:\windows\system32\wmp.dll
2016-03-09 12:02:35 ----A---- C:\windows\SYSWOW64\wmp.dll
2016-03-09 12:02:35 ----A---- C:\windows\system32\spwmp.dll
2016-03-09 12:02:34 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2016-03-09 12:02:34 ----A---- C:\windows\SYSWOW64\spwmp.dll
2016-03-09 12:02:34 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2016-03-09 12:02:34 ----A---- C:\windows\system32\wmploc.DLL
2016-03-09 12:02:34 ----A---- C:\windows\system32\dxmasf.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wups.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wudriver.dll
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wuapp.exe
2016-03-04 12:43:29 ----A---- C:\windows\SYSWOW64\wuapi.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuwebv.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wups2.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wups.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wudriver.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wucltux.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuaueng.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuauclt.exe
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuapp.exe
2016-03-04 12:43:29 ----A---- C:\windows\system32\wuapi.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2016-03-04 12:43:29 ----A---- C:\windows\system32\WinSetupUI.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\invagent.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\generaltel.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\devinv.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-03-04 12:43:27 ----A---- C:\windows\system32\appraiser.dll
2016-03-04 12:43:27 ----A---- C:\windows\system32\aeinv.dll
2016-03-04 12:43:26 ----A---- C:\windows\system32\acmigration.dll
2016-03-04 11:32:16 ----A---- C:\windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-03-04 11:31:22 ----D---- C:\Users\ROYAL\AppData\Roaming\ProductData
2016-03-04 11:31:18 ----D---- C:\ProgramData\ProductData
======List of files/folders modified in the last 1 month======
2016-03-31 08:49:59 ----D---- C:\windows\Prefetch
2016-03-31 08:49:56 ----RD---- C:\Program Files
2016-03-31 08:49:43 ----D---- C:\windows\Temp
2016-03-31 08:48:42 ----D---- C:\windows\inf
2016-03-31 08:48:42 ----AD---- C:\windows\System32
2016-03-31 08:48:42 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-31 08:44:23 ----D---- C:\windows\system32\config
2016-03-31 08:43:33 ----D---- C:\ProgramData\LogMeIn
2016-03-31 08:43:26 ----D---- C:\windows\system32\Tasks
2016-03-31 08:43:18 ----A---- C:\windows\SYSWOW64\log.txt
2016-03-30 14:52:01 ----D---- C:\ProgramData
2016-03-30 10:47:53 ----AD---- C:\Windows
2016-03-28 15:04:16 ----SHD---- C:\windows\Installer
2016-03-24 15:32:21 ----D---- C:\windows\SysWOW64
2016-03-24 15:32:16 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-03-24 14:49:22 ----SHD---- C:\System Volume Information
2016-03-24 14:29:52 ----D---- C:\Program Files (x86)
2016-03-24 12:48:10 ----D---- C:\windows\Tasks
2016-03-24 12:12:04 ----D---- C:\windows\winsxs
2016-03-24 12:12:00 ----SD---- C:\windows\SYSWOW64\GWX
2016-03-24 12:12:00 ----SD---- C:\windows\system32\GWX
2016-03-24 10:35:51 ----D---- C:\windows\system32\drivers
2016-03-24 09:47:18 ----D---- C:\windows\system32\catroot2
2016-03-23 09:38:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 21:02:14 ----D---- C:\Program Files (x86)\LogMeIn
2016-03-19 21:01:10 ----A---- C:\windows\system32\LMIRfsClientNP.dll
2016-03-19 21:01:08 ----A---- C:\windows\system32\LMIinit.dll
2016-03-18 17:05:30 ----D---- C:\windows\debug
2016-03-17 15:05:21 ----D---- C:\windows\system32\DriverStore
2016-03-16 14:05:32 ----D---- C:\Users\ROYAL\AppData\Roaming\vlc
2016-03-11 14:34:33 ----A---- C:\windows\system32\LMIRfsClientNP.dll.000.bak
2016-03-09 17:46:15 ----D---- C:\windows\rescache
2016-03-09 17:17:02 ----D---- C:\windows\Microsoft.NET
2016-03-09 17:16:31 ----RSD---- C:\windows\assembly
2016-03-09 16:49:07 ----D---- C:\windows\SYSWOW64\sk-SK
2016-03-09 16:49:07 ----D---- C:\windows\SYSWOW64\en-US
2016-03-09 16:49:07 ----D---- C:\windows\system32\sk-SK
2016-03-09 16:49:07 ----D---- C:\Program Files\Internet Explorer
2016-03-09 16:49:06 ----D---- C:\windows\system32\en-US
2016-03-09 16:49:05 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 16:49:03 ----D---- C:\windows\AppPatch
2016-03-09 16:49:01 ----D---- C:\Program Files\Windows Media Player
2016-03-09 16:49:01 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 14:02:42 ----D---- C:\ProgramData\Microsoft Help
2016-03-09 12:52:58 ----D---- C:\windows\system32\MRT
2016-03-09 12:25:55 ----A---- C:\windows\system32\MRT.exe
2016-03-04 13:46:57 ----SD---- C:\ProgramData\Microsoft
2016-03-04 13:01:14 ----D---- C:\windows\SoftwareDistribution
2016-03-04 12:44:07 ----D---- C:\windows\system32\appraiser
2016-03-04 11:36:54 ----D---- C:\windows\Panther
2016-03-04 11:32:16 ----D---- C:\windows\SYSWOW64\drivers
2016-03-04 11:30:58 ----D---- C:\Program Files (x86)\Common Files
2016-03-02 20:51:35 ----A---- C:\windows\system32\LMIport.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2016-03-17 84800]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [2009-06-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2010-05-08 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2016-03-17 264552]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-12-19 186784]
R1 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2016-03-17 198096]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2016-03-17 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-03-04 27552]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [2011-05-16 231600]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2011-11-24 78208]
R2 aksfridge;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2011-11-24 139592]
R2 ekbdflt;ekbdflt; C:\windows\system32\DRIVERS\ekbdflt.sys [2015-12-19 142976]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2011-10-07 321536]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2013-05-29 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2011-01-11 72216]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-07-02 60416]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-11-27 80384]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2011-04-26 53760]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2009-11-27 267824]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver; C:\windows\System32\Drivers\ATSwpWDF.sys [2010-05-20 770152]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\windows\system32\DRIVERS\e1k62x64.sys [2010-01-14 295088]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-07-28 10610400]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2009-10-30 2020512]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-08 271872]
R3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys [2011-01-11 11552]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 StillCam;Still Serial Digital Camera Driver; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tap0901;TAP-Win32 Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2008-11-19 29696]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 akshasp;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2009-03-13 53760]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2011-09-08 57088]
S3 aksusb;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2011-08-09 21120]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\windows\system32\DRIVERS\lgandnetbus64.sys [2015-01-21 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2015-01-26 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2015-01-26 37376]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusb_cdcacm;hwusb_cdcacm; C:\windows\system32\DRIVERS\ew_cdcacm.sys []
S3 hwusb_wwanecm;hwusb_wwanecm; C:\windows\system32\DRIVERS\ew_wwanecm.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2011-08-17 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-11-14 2723576]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2009-07-31 5762408]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-03-17 2521440]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2011-12-02 4913608]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2016-03-19 417288]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2016-03-19 508424]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2011-01-11 407424]
R2 NeroMediaHomeService.4;Nero MediaHome 4 Service; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [2012-12-20 518632]
R2 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2008-11-19 15872]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
R2 Thpsrv;Ochrana HDD TOSHIBA; C:\windows\system32\ThpSrv.exe [2009-10-21 531520]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-02-25 252928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-19 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 Samsung UPD Service2;Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [2011-12-02 165456]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 193904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-05 824688]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
well, it freezes sometimes
Re: Please check
Download ComboFix and save it to the desktop,
run the application as Administrator and allow the installation of the Recovery Console.
A window with the license terms will then appear, which you confirm by clicking YES,
then click YES once more and it is running.
The whole process takes about 10 minutes but can take longer; do not try to run anything else during the scan.
The PC may also be restarted during the scan, so do not be alarmed.
Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware programs,
because ComboFix tries to delete infected files and these programs can get in its way.
After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
If anything is unclear, there is an illustrated guide HERE.
Re: Please check
ComboFix 16-04-06.01 - Elen . 04. 2016 19:18:47.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.3824.1589 [GMT 2:00]
Running from: c:\users\ROYAL\Desktop\ComboFix.exe
AV: ESET Smart Security 9.0.318.22 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personálny firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.374.1 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2016-03-07 to 2016-04-07 )))))))))))))))))))))))))))))))
.
.
2016-04-07 17:25 . 2016-04-07 17:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-04-07 17:25 . 2016-04-07 17:25 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2016-04-05 14:22 . 2016-03-25 19:06 38120 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-04-05 14:17 . 2016-02-05 19:03 147904 ----a-w- c:\windows\system32\drivers\tpm.sys
2016-04-05 14:17 . 2016-02-05 18:56 20480 ----a-w- c:\windows\system32\tbs.dll
2016-04-05 14:17 . 2016-02-05 18:54 109568 ----a-w- c:\windows\system32\fveapibase.dll
2016-04-05 14:17 . 2016-02-05 18:53 8192 ----a-w- c:\windows\system32\drivers\en-US\tpm.sys.mui
2016-04-05 14:17 . 2016-02-05 17:33 15360 ----a-w- c:\windows\SysWow64\tbs.dll
2016-04-05 14:17 . 2015-06-03 20:22 257864 ----a-w- c:\windows\SysWow64\wbem\Win32_Tpm.dll
2016-04-05 14:17 . 2015-06-03 20:21 451080 ----a-w- c:\windows\system32\fveapi.dll
2016-04-05 14:17 . 2015-06-03 20:21 312600 ----a-w- c:\windows\system32\wbem\Win32_Tpm.dll
2016-03-31 06:49 . 2016-03-31 06:49 -------- d-----w- c:\program files\trend micro
2016-03-24 08:40 . 2016-03-24 08:41 -------- d-----w- c:\program files\Defraggler
2016-03-18 14:33 . 2016-03-28 13:02 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-03-18 14:32 . 2016-03-28 13:04 -------- d-----w- c:\program files\Java
2016-03-15 00:02 . 2016-03-15 00:02 2689680 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL
2016-03-14 12:11 . 2016-03-14 12:12 -------- d-----w- c:\program files (x86)\LG Electronics
2016-03-09 10:17 . 2016-02-08 20:38 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-03-09 10:16 . 2016-02-04 17:52 3211264 ----a-w- c:\windows\system32\win32k.sys
2016-03-09 10:03 . 2016-02-09 09:55 30720 ----a-w- c:\windows\system32\seclogon.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-24 13:32 . 2015-05-05 15:14 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-24 13:32 . 2015-05-05 15:14 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-19 19:01 . 2011-08-18 09:27 122400 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2016-03-19 19:01 . 2011-08-18 09:27 107008 ----a-w- c:\windows\system32\LMIinit.dll
2016-03-17 13:05 . 2015-07-14 13:29 84800 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2016-03-17 13:05 . 2015-07-14 13:29 53384 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2016-03-17 13:05 . 2015-07-14 13:29 264552 ----a-w- c:\windows\system32\drivers\eamonm.sys
2016-03-17 13:05 . 2015-07-14 13:29 198096 ----a-w- c:\windows\system32\drivers\epfw.sys
2016-03-11 12:34 . 2011-08-18 09:27 122400 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2016-03-09 10:25 . 2011-08-11 09:22 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-03-04 09:32 . 2016-03-04 09:32 27552 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2016-03-02 18:51 . 2011-08-18 09:27 35328 ----a-w- c:\windows\system32\LMIport.dll
2016-02-12 18:52 . 2016-03-04 10:43 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-12 18:52 . 2016-03-04 10:43 3169792 ----a-w- c:\windows\system32\wucltux.dll
2016-02-12 18:52 . 2016-03-04 10:43 192512 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-12 18:44 . 2016-03-04 10:43 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-12 18:39 . 2016-03-04 10:43 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2016-02-12 18:22 . 2016-03-04 10:43 2610688 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-12 18:19 . 2016-03-04 10:43 709120 ----a-w- c:\windows\system32\wuapi.dll
2016-02-12 18:18 . 2016-03-04 10:43 37888 ----a-w- c:\windows\system32\wuapp.exe
2016-02-12 18:18 . 2016-03-04 10:43 140288 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-12 18:18 . 2016-03-04 10:43 36864 ----a-w- c:\windows\system32\wups.dll
2016-02-12 18:18 . 2016-03-04 10:43 37888 ----a-w- c:\windows\system32\wups2.dll
2016-02-12 18:18 . 2016-03-04 10:43 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-02-12 18:06 . 2016-03-04 10:43 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2016-02-12 18:05 . 2016-03-04 10:43 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2016-02-12 18:05 . 2016-03-04 10:43 30208 ----a-w- c:\windows\SysWow64\wups.dll
2016-02-12 18:05 . 2016-03-04 10:43 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2016-02-11 18:48 . 2016-03-09 10:18 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-09 10:18 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-09 10:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-01-22 06:19 . 2016-02-10 12:03 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:18 . 2016-02-10 12:06 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 12:06 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:17 . 2016-02-10 12:06 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:15 . 2016-02-10 12:03 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:04 . 2016-02-10 12:06 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2016-01-22 06:04 . 2016-02-10 12:06 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2016-01-22 06:02 . 2016-02-10 12:06 114176 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-01-22 06:02 . 2016-02-10 12:06 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-01-22 06:00 . 2016-02-10 12:03 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-01-22 05:19 . 2016-02-10 12:03 3231232 ----a-w- c:\windows\explorer.exe
2016-01-22 05:12 . 2016-02-10 12:03 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-01-16 19:01 . 2016-02-10 12:04 2085888 ----a-w- c:\windows\system32\ole32.dll
2016-01-16 18:36 . 2016-02-10 12:04 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2016-01-11 19:11 . 2016-02-17 08:56 1684416 ----a-w- c:\windows\system32\drivers\ntfs.sys
2007-04-20 06:50 . 2007-04-20 06:50 109648 ----a-w- c:\program files (x86)\AcDimRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 125008 ----a-w- c:\program files (x86)\WSCommCntrUI1Res.dll
2007-04-10 08:16 . 2007-04-10 08:16 19536 ----a-w- c:\program files (x86)\WSCommCntrAcConRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 9296 ----a-w- c:\program files (x86)\whohasRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 29264 ----a-w- c:\program files (x86)\unitsRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 26192 ----a-w- c:\program files (x86)\textfindRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 9296 ----a-w- c:\program files (x86)\texteditRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 45136 ----a-w- c:\program files (x86)\styshwizRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 23120 ----a-w- c:\program files (x86)\styexeRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 8272 ----a-w- c:\program files (x86)\sharemfcRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 21072 ----a-w- c:\program files (x86)\sfttabacRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 78928 ----a-w- c:\program files (x86)\senddmpRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 13392 ----a-w- c:\program files (x86)\RegAcadltRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 32336 ----a-w- c:\program files (x86)\R14PSKitRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 45648 ----a-w- c:\program files (x86)\psizewizRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 140880 ----a-w- c:\program files (x86)\prntprogRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 12880 ----a-w- c:\program files (x86)\pmres9.dll
2007-04-10 08:15 . 2007-04-10 08:15 30800 ----a-w- c:\program files (x86)\plcfmgrRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 13392 ----a-w- c:\program files (x86)\plcferr.dll
2007-04-10 08:15 . 2007-04-10 08:15 34384 ----a-w- c:\program files (x86)\plcalwizRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 22608 ----a-w- c:\program files (x86)\pctres9.dll
2007-04-10 08:15 . 2007-04-10 08:15 23632 ----a-w- c:\program files (x86)\pc3exeRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 155728 ----a-w- c:\program files (x86)\pc3EditRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 8784 ----a-w- c:\program files (x86)\passwordUIRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 25168 ----a-w- c:\program files (x86)\HPSETUPRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 10320 ----a-w- c:\program files (x86)\hideRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 25680 ----a-w- c:\program files (x86)\hcreg9Res.dll
2007-04-10 08:14 . 2007-04-10 08:14 114768 ----a-w- c:\program files (x86)\gridres.dll
2007-04-10 08:14 . 2007-04-10 08:14 23120 ----a-w- c:\program files (x86)\fontcapres.dll
2007-04-10 08:14 . 2007-04-10 08:14 51280 ----a-w- c:\program files (x86)\errcsy.dll
2007-04-10 08:14 . 2007-04-10 08:14 51280 ----a-w- c:\program files (x86)\erren.dll
2007-04-10 08:14 . 2007-04-10 08:14 196176 ----a-w- c:\program files (x86)\dwgaidsRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 23120 ----a-w- c:\program files (x86)\dswhipRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 32336 ----a-w- c:\program files (x86)\colorRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 22608 ----a-w- c:\program files (x86)\BzPSLang.dll
2007-04-10 08:13 . 2007-04-10 08:13 36944 ----a-w- c:\program files (x86)\ax17csyres.dll
2007-04-10 08:13 . 2007-04-10 08:13 17488 ----a-w- c:\program files (x86)\atteditRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 140880 ----a-w- c:\program files (x86)\ASMm120csyres.dll
2007-04-10 08:13 . 2007-04-10 08:13 23120 ----a-w- c:\program files (x86)\apperrRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 53840 ----a-w- c:\program files (x86)\anavRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 91216 ----a-w- c:\program files (x86)\adui17res.dll
2007-04-10 08:13 . 2007-04-10 08:13 156752 ----a-w- c:\program files (x86)\AdSubAwareres.dll
2007-04-10 08:13 . 2007-04-10 08:13 40016 ----a-w- c:\program files (x86)\adlmres.dll
2007-04-10 08:13 . 2007-04-10 08:13 63056 ----a-w- c:\program files (x86)\AdImagingRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 10832 ----a-w- c:\program files (x86)\AdHelpSearchRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 38992 ----a-w- c:\program files (x86)\AdFTPRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 32848 ----a-w- c:\program files (x86)\AdEregres.dll
2007-04-10 08:13 . 2007-04-10 08:13 63568 ----a-w- c:\program files (x86)\addplwizRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 27216 ----a-w- c:\program files (x86)\adctrlsRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 92752 ----a-w- c:\program files (x86)\AcXrefVaultUIRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 79952 ----a-w- c:\program files (x86)\AcXrefEswRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 32336 ----a-w- c:\program files (x86)\acxploderes.dll
2007-04-10 08:12 . 2007-04-10 08:12 9808 ----a-w- c:\program files (x86)\AcWipeoutRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 50256 ----a-w- c:\program files (x86)\acwebpublishRes.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-03-20 595480]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AndnetBus;LGE Mobile USB Composite Device;c:\windows\system32\DRIVERS\lgandnetbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetbus64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_cdcacm.sys [x]
R3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_wwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe;c:\windows\SYSNATIVE\SUPDSvc2.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe;c:\program files\Fingerprint Sensor\ATService.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\rixdpe64.sys [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-04-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-05 13:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ATFPUOverlayIcon]
@="{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}"
[HKEY_CLASSES_ROOT\CLSID\{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}]
2009-12-23 05:57 153520 ----a-w- c:\program files\Toshiba\TFPU\TFPUOverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Send To &Bluetooth - c:\program files (x86)\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.16.1
FF - ProfilePath - c:\users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\
FF - prefs.js: browser.startup.homepage - www.google.sk
17
17
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG19.00.00.01PROFESSIONAL"="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"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2016-04-07 19:29:11
ComboFix-quarantined-files.txt 2016-04-07 17:29
.
Pre-Run: 158 646 468 608 bytes free
Post-Run: 157 966 630 912 bytes free
.
- - End Of File - - 0A4FDB084FB2076F2753AB833D302A56
2016-02-11 18:48 . 2016-03-09 10:18 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-09 10:18 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-09 10:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-01-22 06:19 . 2016-02-10 12:03 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:18 . 2016-02-10 12:06 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 12:06 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:17 . 2016-02-10 12:06 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:15 . 2016-02-10 12:03 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:04 . 2016-02-10 12:06 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2016-01-22 06:04 . 2016-02-10 12:06 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2016-01-22 06:02 . 2016-02-10 12:06 114176 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-01-22 06:02 . 2016-02-10 12:06 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-01-22 06:00 . 2016-02-10 12:03 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-01-22 05:19 . 2016-02-10 12:03 3231232 ----a-w- c:\windows\explorer.exe
2016-01-22 05:12 . 2016-02-10 12:03 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-01-16 19:01 . 2016-02-10 12:04 2085888 ----a-w- c:\windows\system32\ole32.dll
2016-01-16 18:36 . 2016-02-10 12:04 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2016-01-11 19:11 . 2016-02-17 08:56 1684416 ----a-w- c:\windows\system32\drivers\ntfs.sys
2007-04-20 06:50 . 2007-04-20 06:50 109648 ----a-w- c:\program files (x86)\AcDimRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 125008 ----a-w- c:\program files (x86)\WSCommCntrUI1Res.dll
2007-04-10 08:16 . 2007-04-10 08:16 19536 ----a-w- c:\program files (x86)\WSCommCntrAcConRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 9296 ----a-w- c:\program files (x86)\whohasRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 29264 ----a-w- c:\program files (x86)\unitsRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 26192 ----a-w- c:\program files (x86)\textfindRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 9296 ----a-w- c:\program files (x86)\texteditRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 45136 ----a-w- c:\program files (x86)\styshwizRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 23120 ----a-w- c:\program files (x86)\styexeRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 8272 ----a-w- c:\program files (x86)\sharemfcRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 21072 ----a-w- c:\program files (x86)\sfttabacRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 78928 ----a-w- c:\program files (x86)\senddmpRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 13392 ----a-w- c:\program files (x86)\RegAcadltRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 32336 ----a-w- c:\program files (x86)\R14PSKitRes.dll
2007-04-10 08:16 . 2007-04-10 08:16 45648 ----a-w- c:\program files (x86)\psizewizRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 140880 ----a-w- c:\program files (x86)\prntprogRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 12880 ----a-w- c:\program files (x86)\pmres9.dll
2007-04-10 08:15 . 2007-04-10 08:15 30800 ----a-w- c:\program files (x86)\plcfmgrRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 13392 ----a-w- c:\program files (x86)\plcferr.dll
2007-04-10 08:15 . 2007-04-10 08:15 34384 ----a-w- c:\program files (x86)\plcalwizRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 22608 ----a-w- c:\program files (x86)\pctres9.dll
2007-04-10 08:15 . 2007-04-10 08:15 23632 ----a-w- c:\program files (x86)\pc3exeRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 155728 ----a-w- c:\program files (x86)\pc3EditRes.dll
2007-04-10 08:15 . 2007-04-10 08:15 8784 ----a-w- c:\program files (x86)\passwordUIRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 25168 ----a-w- c:\program files (x86)\HPSETUPRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 10320 ----a-w- c:\program files (x86)\hideRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 25680 ----a-w- c:\program files (x86)\hcreg9Res.dll
2007-04-10 08:14 . 2007-04-10 08:14 114768 ----a-w- c:\program files (x86)\gridres.dll
2007-04-10 08:14 . 2007-04-10 08:14 23120 ----a-w- c:\program files (x86)\fontcapres.dll
2007-04-10 08:14 . 2007-04-10 08:14 51280 ----a-w- c:\program files (x86)\errcsy.dll
2007-04-10 08:14 . 2007-04-10 08:14 51280 ----a-w- c:\program files (x86)\erren.dll
2007-04-10 08:14 . 2007-04-10 08:14 196176 ----a-w- c:\program files (x86)\dwgaidsRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 23120 ----a-w- c:\program files (x86)\dswhipRes.dll
2007-04-10 08:14 . 2007-04-10 08:14 32336 ----a-w- c:\program files (x86)\colorRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 22608 ----a-w- c:\program files (x86)\BzPSLang.dll
2007-04-10 08:13 . 2007-04-10 08:13 36944 ----a-w- c:\program files (x86)\ax17csyres.dll
2007-04-10 08:13 . 2007-04-10 08:13 17488 ----a-w- c:\program files (x86)\atteditRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 140880 ----a-w- c:\program files (x86)\ASMm120csyres.dll
2007-04-10 08:13 . 2007-04-10 08:13 23120 ----a-w- c:\program files (x86)\apperrRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 53840 ----a-w- c:\program files (x86)\anavRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 91216 ----a-w- c:\program files (x86)\adui17res.dll
2007-04-10 08:13 . 2007-04-10 08:13 156752 ----a-w- c:\program files (x86)\AdSubAwareres.dll
2007-04-10 08:13 . 2007-04-10 08:13 40016 ----a-w- c:\program files (x86)\adlmres.dll
2007-04-10 08:13 . 2007-04-10 08:13 63056 ----a-w- c:\program files (x86)\AdImagingRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 10832 ----a-w- c:\program files (x86)\AdHelpSearchRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 38992 ----a-w- c:\program files (x86)\AdFTPRes.dll
2007-04-10 08:13 . 2007-04-10 08:13 32848 ----a-w- c:\program files (x86)\AdEregres.dll
2007-04-10 08:13 . 2007-04-10 08:13 63568 ----a-w- c:\program files (x86)\addplwizRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 27216 ----a-w- c:\program files (x86)\adctrlsRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 92752 ----a-w- c:\program files (x86)\AcXrefVaultUIRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 79952 ----a-w- c:\program files (x86)\AcXrefEswRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 32336 ----a-w- c:\program files (x86)\acxploderes.dll
2007-04-10 08:12 . 2007-04-10 08:12 9808 ----a-w- c:\program files (x86)\AcWipeoutRes.dll
2007-04-10 08:12 . 2007-04-10 08:12 50256 ----a-w- c:\program files (x86)\acwebpublishRes.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-03-20 595480]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AndnetBus;LGE Mobile USB Composite Device;c:\windows\system32\DRIVERS\lgandnetbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetbus64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_cdcacm.sys [x]
R3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_wwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe;c:\windows\SYSNATIVE\SUPDSvc2.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe;c:\program files\Fingerprint Sensor\ATService.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\rixdpe64.sys [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-04-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-05 13:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ATFPUOverlayIcon]
@="{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}"
[HKEY_CLASSES_ROOT\CLSID\{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}]
2009-12-23 05:57 153520 ----a-w- c:\program files\Toshiba\TFPU\TFPUOverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Send To &Bluetooth - c:\program files (x86)\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.16.1
FF - ProfilePath - c:\users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\
FF - prefs.js: browser.startup.homepage - www.google.sk
17
17
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG19.00.00.01PROFESSIONAL"="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"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2016-04-07 19:29:11
ComboFix-quarantined-files.txt 2016-04-07 17:29
.
Pre-Run: 158 646 468 608 bytes free
Post-Run: 157 966 630 912 bytes free
.
- - End Of File - - 0A4FDB084FB2076F2753AB833D302A56
Re: Please check
If you have not already done so, move ComboFix to the desktop.
Open Notepad
and copy the script from the following window into it:
Code:
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
Save the TXT file you created to the desktop as CFScript.txt.
After saving, grab the script you created with the left mouse button, drag it over the ComboFix icon and drop it there.

After it has been applied, another log will be produced; copy it here.
Warning: after the script is applied and the machine restarts, Windows may fail to boot;
in that case restart again while pressing F8, then choose Last Known Good Configuration.
Re: Please check
ComboFix 16-04-06.01 - Elen . 04. 2016 19:34:50.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.3824.2099 [GMT 2:00]
Running from: c:\users\ROYAL\Desktop\ComboFix.exe
Command switches used :: c:\users\ROYAL\Desktop\CFScript.txt
AV: ESET Smart Security 9.0.318.22 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personálny firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.374.1 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2016-03-08 to 2016-04-08 )))))))))))))))))))))))))))))))
.
.
2016-04-08 17:41 . 2016-04-08 17:41 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-04-08 17:41 . 2016-04-08 17:41 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2016-04-08 17:41 . 2016-04-08 17:41 -------- d-----w- c:\users\krondiak\AppData\Local\temp
2016-04-08 17:41 . 2016-04-08 17:41 -------- d-----w- c:\users\Knappova\AppData\Local\temp
2016-04-08 17:41 . 2016-04-08 17:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-04-08 17:41 . 2016-04-08 17:41 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2016-04-05 14:22 . 2016-03-25 19:06 38120 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-04-05 14:17 . 2016-02-05 19:03 147904 ----a-w- c:\windows\system32\drivers\tpm.sys
2016-04-05 14:17 . 2016-02-05 18:56 20480 ----a-w- c:\windows\system32\tbs.dll
2016-04-05 14:17 . 2016-02-05 18:54 109568 ----a-w- c:\windows\system32\fveapibase.dll
2016-04-05 14:17 . 2016-02-05 18:53 8192 ----a-w- c:\windows\system32\drivers\en-US\tpm.sys.mui
2016-04-05 14:17 . 2016-02-05 17:33 15360 ----a-w- c:\windows\SysWow64\tbs.dll
2016-04-05 14:17 . 2015-06-03 20:22 257864 ----a-w- c:\windows\SysWow64\wbem\Win32_Tpm.dll
2016-04-05 14:17 . 2015-06-03 20:21 451080 ----a-w- c:\windows\system32\fveapi.dll
2016-04-05 14:17 . 2015-06-03 20:21 312600 ----a-w- c:\windows\system32\wbem\Win32_Tpm.dll
2016-03-31 06:49 . 2016-03-31 06:49 -------- d-----w- c:\program files\trend micro
2016-03-24 08:40 . 2016-03-24 08:41 -------- d-----w- c:\program files\Defraggler
2016-03-18 14:33 . 2016-03-28 13:02 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-03-18 14:32 . 2016-03-28 13:04 -------- d-----w- c:\program files\Java
2016-03-15 00:02 . 2016-03-15 00:02 2689680 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL
2016-03-14 12:11 . 2016-03-14 12:12 -------- d-----w- c:\program files (x86)\LG Electronics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-24 13:32 . 2015-05-05 15:14 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-24 13:32 . 2015-05-05 15:14 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-19 19:01 . 2011-08-18 09:27 122400 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2016-03-19 19:01 . 2011-08-18 09:27 107008 ----a-w- c:\windows\system32\LMIinit.dll
2016-03-17 13:05 . 2015-07-14 13:29 84800 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2016-03-17 13:05 . 2015-07-14 13:29 53384 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2016-03-17 13:05 . 2015-07-14 13:29 264552 ----a-w- c:\windows\system32\drivers\eamonm.sys
2016-03-17 13:05 . 2015-07-14 13:29 198096 ----a-w- c:\windows\system32\drivers\epfw.sys
2016-03-11 12:34 . 2011-08-18 09:27 122400 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2016-03-09 10:25 . 2011-08-11 09:22 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-03-04 09:32 . 2016-03-04 09:32 27552 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2016-03-02 18:51 . 2011-08-18 09:27 35328 ----a-w- c:\windows\system32\LMIport.dll
2016-02-12 18:52 . 2016-03-04 10:43 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-12 18:52 . 2016-03-04 10:43 3169792 ----a-w- c:\windows\system32\wucltux.dll
2016-02-12 18:52 . 2016-03-04 10:43 192512 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-12 18:44 . 2016-03-04 10:43 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-12 18:39 . 2016-03-04 10:43 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2016-02-12 18:22 . 2016-03-04 10:43 2610688 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-12 18:19 . 2016-03-04 10:43 709120 ----a-w- c:\windows\system32\wuapi.dll
2016-02-12 18:18 . 2016-03-04 10:43 37888 ----a-w- c:\windows\system32\wuapp.exe
2016-02-12 18:18 . 2016-03-04 10:43 140288 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-12 18:18 . 2016-03-04 10:43 36864 ----a-w- c:\windows\system32\wups.dll
2016-02-12 18:18 . 2016-03-04 10:43 37888 ----a-w- c:\windows\system32\wups2.dll
2016-02-12 18:18 . 2016-03-04 10:43 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-02-12 18:06 . 2016-03-04 10:43 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2016-02-12 18:05 . 2016-03-04 10:43 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2016-02-12 18:05 . 2016-03-04 10:43 30208 ----a-w- c:\windows\SysWow64\wups.dll
2016-02-12 18:05 . 2016-03-04 10:43 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2016-02-11 18:56 . 2016-03-09 10:18 5572032 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-02-11 18:56 . 2016-03-09 10:18 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-02-11 18:56 . 2016-03-09 10:18 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-02-11 18:52 . 2016-03-09 10:18 1733592 ----a-w- c:\windows\system32\ntdll.dll
2016-02-11 18:49 . 2016-03-09 10:18 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-02-11 18:49 . 2016-03-09 10:18 243712 ----a-w- c:\windows\system32\wow64.dll
2016-02-11 18:49 . 2016-03-09 10:18 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-02-11 18:49 . 2016-03-09 10:18 215040 ----a-w- c:\windows\system32\winsrv.dll
2016-02-11 18:49 . 2016-03-09 10:18 210432 ----a-w- c:\windows\system32\wdigest.dll
2016-02-11 18:49 . 2016-03-09 10:18 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-02-11 18:49 . 2016-03-09 10:18 135680 ----a-w- c:\windows\system32\sspicli.dll
2016-02-11 18:49 . 2016-03-09 10:18 28672 ----a-w- c:\windows\system32\sspisrv.dll
2016-02-11 18:48 . 2016-03-09 10:18 503808 ----a-w- c:\windows\system32\srcore.dll
2016-02-11 18:48 . 2016-03-09 10:18 50176 ----a-w- c:\windows\system32\srclient.dll
2016-02-11 18:48 . 2016-03-09 10:18 28160 ----a-w- c:\windows\system32\secur32.dll
2016-02-11 18:48 . 2016-03-09 10:18 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:48 . 2016-03-09 10:18 1214464 ----a-w- c:\windows\system32\rpcrt4.dll
2016-02-11 18:47 . 2016-03-09 10:18 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-02-11 18:45 . 2016-03-09 10:18 312320 ----a-w- c:\windows\system32\ncrypt.dll
2016-02-11 18:45 . 2016-03-09 10:18 315392 ----a-w- c:\windows\system32\msv1_0.dll
2016-02-11 18:45 . 2016-03-09 10:18 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-02-11 18:45 . 2016-03-09 10:18 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-02-11 18:44 . 2016-03-09 10:18 3938240 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44 . 2016-03-09 10:18 3994560 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44 . 2016-03-09 10:18 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2016-02-11 18:44 . 2016-03-09 10:18 730112 ----a-w- c:\windows\system32\kerberos.dll
2016-02-11 18:44 . 2016-03-09 10:18 422400 ----a-w- c:\windows\system32\KernelBase.dll
2016-02-11 18:44 . 2016-03-09 10:18 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-02-11 18:42 . 2016-03-09 10:18 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-02-11 18:42 . 2016-03-09 10:18 43520 ----a-w- c:\windows\system32\cryptbase.dll
2016-02-11 18:42 . 2016-03-09 10:18 22016 ----a-w- c:\windows\system32\credssp.dll
2016-02-11 18:41 . 2016-03-09 10:18 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-02-11 18:41 . 2016-03-09 10:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:18 880128 ----a-w- c:\windows\system32\advapi32.dll
2016-02-11 18:41 . 2016-03-09 10:18 686080 ----a-w- c:\windows\system32\adtschema.dll
2016-02-11 18:41 . 2016-03-09 10:18 1314328 ----a-w- c:\windows\SysWow64\ntdll.dll
2016-02-11 18:38 . 2016-03-09 10:18 665088 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2016-02-11 18:38 . 2016-03-09 10:18 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2016-02-11 18:38 . 2016-03-09 10:18 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2016-02-11 18:38 . 2016-03-09 10:18 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2016-02-11 18:38 . 2016-03-09 10:18 171520 ----a-w- c:\windows\SysWow64\wdigest.dll
2016-02-11 18:38 . 2016-03-09 10:18 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2016-02-11 18:37 . 2016-03-09 10:18 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2016-02-11 18:37 . 2016-03-09 10:18 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2016-02-11 18:37 . 2016-03-09 10:18 251392 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-03-20 595480]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AndnetBus;LGE Mobile USB Composite Device;c:\windows\system32\DRIVERS\lgandnetbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetbus64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_cdcacm.sys [x]
R3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_wwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\System32\SUPDSvc2.exe;c:\windows\SYSNATIVE\SUPDSvc2.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\ATService.exe;c:\program files\Fingerprint Sensor\ATService.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\rixdpe64.sys [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-05 13:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ATFPUOverlayIcon]
@="{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}"
[HKEY_CLASSES_ROOT\CLSID\{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}]
2009-12-23 05:57 153520 ----a-w- c:\program files\Toshiba\TFPU\TFPUOverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Send To &Bluetooth - c:\program files (x86)\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.16.1
FF - ProfilePath - c:\users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG19.00.00.01PROFESSIONAL"="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"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Completion time: 2016-04-08 19:44:54
ComboFix-quarantined-files.txt 2016-04-08 17:44
ComboFix2.txt 2016-04-07 17:29
.
Pre-Run: 157 973 147 648 bytes free
Post-Run: 157 872 713 728 bytes free
.
- - End Of File - - 3D0A2E01C2BC688399DA10E67C015B6A
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\risdpe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys;c:\windows\SYSNATIVE\DRIVERS\rixdpe64.sys [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-05 13:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ATFPUOverlayIcon]
@="{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}"
[HKEY_CLASSES_ROOT\CLSID\{3239DBC1-B76D-4dc7-8B29-D99CBA3C7336}]
2009-12-23 05:57 153520 ----a-w- c:\program files\Toshiba\TFPU\TFPUOverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Send To &Bluetooth - c:\program files (x86)\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.16.1
FF - ProfilePath - c:\users\ROYAL\AppData\Roaming\Mozilla\Firefox\Profiles\w51oj5g0.default-1449223342458\
FF - prefs.js: browser.startup.homepage - www.google.sk
17
17
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG19.00.00.01PROFESSIONAL"="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"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Completion time: 2016-04-08 19:44:54
ComboFix-quarantined-files.txt 2016-04-08 17:44
ComboFix2.txt 2016-04-07 17:29
.
Pre-Run: 157 973 147 648 bytes free
Post-Run: 157 872 713 728 bytes free
.
- - End Of File - - 3D0A2E01C2BC688399DA10E67C015B6A
Re: Please check
Via Start >> Run, copy this into the window:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes the files and folders associated with it.
Use T-Cleaner, which deletes any leftovers of the applications we used.
Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.
Then let me know how the PC behaves.
Re: Please check
Sometimes, when I have Firefox running, it freezes on some pages and for a while nothing can be done at all, and after about 1 minute it works again.
Re: Please check
Are your graphics drivers up to date?
If you don't know what you have there, use AIDA 64.
It is a trial, but it will serve our purpose.
Install it >> run it >> click Computer >> then Summary,
at the top of the application click Report and choose Quick Report >> Plain Text,
and copy everything up to Network: here for me; I'll take a look at what can be done about it.
Re: Please check
This? Because YT videos also stutter now and then since they switched to HTML5.
--------[ AIDA64 Extreme ]----------------------------------------------------------------------------------------------
Verzia AIDA64 v5.70.3800/sk
Modul Benchmark 4.2.671-x64
Domovská stránka http://www.aida64.com/
Typ správy Stručná správa [ TRIAL VERSION ]
Počítač ROYAL05
Vytvoril Elen
Operačný systém Microsoft Windows 7 Professional 6.1.7601.19160 (Win7 RTM)
Dátum 2016-04-12
Čas 16:07
--------[ Prehľad ]-----------------------------------------------------------------------------------------------------
Počítač:
Typ počítača ACPI x64-based PC (Mobile)
Operačný systém Microsoft Windows 7 Professional
Servisný balík OS [ TRIAL VERSION ]
Internet Explorer 11.0.9600.18230
DirectX DirectX 11.1
Názov počítača ROYAL05
Meno použív. Elen
Prihlasovacia doména [ TRIAL VERSION ]
Dátum/Čas 2016-04-12 / 16:07
Základná doska:
Typ procesora Mobile DualCore Intel Core i3-370M, 2400 MHz (18 x 133)
Názov zákl. dosky Toshiba Tecra A11
Čipset zákl. dosky Intel Ibex Peak-M HM55, Intel Ironlake-M
Systém. pamäť [ TRIAL VERSION ]
DIMM1: Samsung M471B5773CHS-CH9 2 GB DDR3-1333 DDR3 SDRAM (9-9-9-24 @ 666 MHz) (8-8-8-22 @ 609 MHz) (7-7-7-20 @ 533 MHz) (6-6-6-17 @ 457 MHz) (5-5-5-14 @ 380 MHz)
DIMM3: Samsung M471B5773CHS-CH9 [ TRIAL VERSION ]
Typ BIOS-u Toshiba (09/02/2010)
Komunikačný port (COM a LPT) Communications Port (COM1)
Komunikačný port (COM a LPT) BT Port (COM34)
Komunikačný port (COM a LPT) BT Port (COM35)
Komunikačný port (COM a LPT) BT Port (COM36)
Komunikačný port (COM a LPT) BT Port (COM37)
Komunikačný port (COM a LPT) BT Port (COM38)
Komunikačný port (COM a LPT) BT Port (COM39)
Komunikačný port (COM a LPT) BT Port (COM40)
Komunikačný port (COM a LPT) BT Port (COM41)
Komunikačný port (COM a LPT) BT Port (COM42)
Komunikačný port (COM a LPT) BT Port (COM43)
Obrazovka:
Grafická karta Intel(R) HD Graphics (1761498 kB)
Grafická karta Intel(R) HD Graphics (1761498 kB)
3D-akcelerátor Intel HD Graphics
Monitor Toshiba Internal LCD
Multimédiá:
Zvuková karta Intel Ibex Peak HDMI @ Intel Ibex Peak PCH - High Definition Audio Controller [B-3]
Zvuková karta Realtek ALC268 @ Intel Ibex Peak PCH - High Definition Audio Controller [B-3]
Ukladací priestor:
Radič IDE Intel(R) 5 Series 4 Port SATA AHCI Controller
Radič IDE Ricoh PCIe Memory Stick Host Controller
Radič IDE Ricoh PCIe SD/MMC Host Controller
Radič IDE Ricoh PCIe xD-Picture Card Controller
Disková jednotka Hitachi HTS725032A9A360 (298 GB, IDE)
Optická jednotka MATSHITA DVD-RAM UJ890AS
Stav pevných diskov SMART OK
Oddiely:
C: (NTFS) [ TRIAL VERSION ]
Celk. miesto [ TRIAL VERSION ]
Vstupné zariadenia:
Klávesnica HID Keyboard Device
Klávesnica Standard PS/2 Keyboard
Myš Alps Pointing-device
Myš HID-compliant mouse
Sieť:
Primárna adresa IP [ TRIAL VERSION ]
Primárna adresa MAC 00-26-B6-F4-B9-86
Sieťový adaptér Atheros AR9280 Wireless Network Adapter (192. [ TRIAL VERSION ])
Sieťový adaptér Bluetooth Personal Area Network
Sieťový adaptér Intel(R) 82577LC Gigabit Network Connection
Sieťový adaptér Microsoft Virtual WiFi Miniport Adapter
Sieťový adaptér TAP-Win32 Adapter V9
Periférie:
Tlačiareň Canon iR3025 PCL6
Tlačiareň Canon MF6100 Series (FAX)
Tlačiareň Canon MF6100 Series PCL5e
Tlačiareň Canon MF6100 Series PCL6
Tlačiareň Canon MF6100 Series PS3
Tlačiareň Canon MF6100 Series UFRII LT
Tlačiareň Canon MF6100 UFRII LT XPS
Tlačiareň PDFCreator
Tlačiareň Samsung Universal Print Driver
Tlačiareň STORMWARE PDF Printer
Tlačiareň XRX0000AAD805D8 PCL6
Radič USB2 Intel Ibex Peak PCH - USB 2.0 EHCI Controller 1 [B-3]
Radič USB2 Intel Ibex Peak PCH - USB 2.0 EHCI Controller 2 [B-3]
Zariadenie USB AuthenTec Inc. AES1660
Zariadenie USB Bluetooth USB Controller-5 from TOSHIBA
Zariadenie USB Generic USB Hub
Zariadenie USB Generic USB Hub
Zariadenie USB USB Composite Device
Zariadenie USB USB Composite Device
Zariadenie USB USB Input Device
Zariadenie USB USB Input Device
Zariadenie USB USB2.0 UVC WebCam
Batéria Microsoft AC Adapter
Batéria Microsoft ACPI-Compliant Control Method Battery
Batéria Microsoft Composite Battery
DMI:
Predajca DMI BIOS TOSHIBA
Verzia DMI BIOS Version 2.70
Výrobca systému DMI TOSHIBA
Výrobok systému DMI TECRA A11
Verzia systému DMI PTSE0E-063055SK
Sér. číslo systému DMI [ TRIAL VERSION ]
DMI Systém UUID [ TRIAL VERSION ]
Výrobca základnej dosky DMI TOSHIBA
Výrobok základnej dosky DMI Portable PC
Verzia základnej dosky DMI Version A0
Sér. číslo základnej dosky DMI [ TRIAL VERSION ]
Výrobca skrine DMI TOSHIBA
Verzia skrine DMI Version 1.0
Sér. číslo skrine DMI [ TRIAL VERSION ]
Označenie skrine DMI [ TRIAL VERSION ]
Typ skrine DMI Notebook
--------[ Debug - PCI ]-------------------------------------------------------------------------------------------------
B00 D00 F00: Intel Auburndale/Arrandale Processor - Host Bridge/DRAM Controller
Offset 000: 86 80 44 00 06 00 90 20 02 00 00 06 00 00 00 00
Offset 010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 E0 00 00 00 00 00 00 00 00 00 00 00
Offset 040: 01 90 D1 FE 00 00 00 00 01 00 D1 FE 00 00 00 00
Offset 050: 00 00 70 03 09 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 01 80 D1 FE 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 40 00 4D 00 00 00 00 00
Offset 0A0: 3F 00 80 13 00 00 00 BC 00 00 E0 BB 00 00 80 B7
Offset 0B0: 00 C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 03 03 00 00 00 00 00 00 00 00 00 82
Offset 0E0: 09 00 0C 01 26 61 B1 00 88 00 40 01 00 00 00 00
Offset 0F0: 00 00 00 00 0D 00 00 00 AB 0F 18 00 00 00 00 00
B00 D02 F00: Intel Auburndale/Arrandale Processor - Integrated Graphics Controller
Offset 000: 86 80 46 00 07 04 90 00 02 00 00 03 00 00 00 00
Offset 010: 04 00 00 D0 00 00 00 00 0C 00 00 C0 00 00 00 00
Offset 020: 51 30 00 00 00 00 00 00 00 00 00 00 79 11 02 00
Offset 030: 00 00 00 00 90 00 00 00 00 00 00 00 00 01 00 00
Offset 040: 09 00 0C 01 26 61 B1 00 88 00 40 01 0F 17 14 17
Offset 050: 00 00 70 03 09 00 00 00 00 00 00 00 00 00 00 BC
Offset 060: 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 05 D0 01 00 0C F0 E0 FE B0 49 00 00 00 00 00 00
Offset 0A0: 11 11 11 00 13 00 06 03 00 00 14 60 25 04 3A 30
Offset 0B0: 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 01 A4 22 00 00 00 00 00 00 00 00 00 00 01 02 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 AB 0F 18 00 18 70 15 B7
B00 D16 F00: Intel Ibex Peak PCH - Host Embedded Controller Interface 1 (HECI1) [B-3]
Offset 000: 86 80 64 3B 06 00 10 00 06 00 80 07 00 00 80 00
Offset 010: 04 70 62 D4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 10 01 00 00
Offset 040: 45 02 00 00 20 00 01 80 00 00 00 60 00 00 00 00
Offset 050: 01 8C 03 C8 08 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 05 00 80 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 C0
Offset 0C0: 7A BE C1 7D 78 8B 9E C7 49 C4 A9 51 F5 2E 71 B4
Offset 0D0: 8D 86 33 DF C1 FF 77 AF B6 3F 71 E6 4E 44 2F 4B
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
B00 D19 F00: Intel 82577LC Gigabit Network Connection (Toshiba)
Offset 000: 86 80 EB 10 06 04 10 00 06 00 00 02 00 00 00 00
Offset 010: 00 00 60 D4 00 50 62 D4 01 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 C8 00 00 00 00 00 00 00 00 01 00 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 01 D0 22 C8 00 21 00 07
Offset 0D0: 05 E0 81 00 00 00 E0 FE 00 00 00 00 A0 40 00 00
Offset 0E0: 13 00 06 03 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
B00 D1A F00: Intel Ibex Peak PCH - USB 2.0 EHCI Controller 2 [B-3]
Offset 000: 86 80 3C 3B 06 00 90 02 06 20 03 0C 00 00 00 00
Offset 010: 00 6C 62 D4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 10 01 00 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 01 58 C2 C9 00 01 00 00 0A 98 A0 20 00 00 00 00
Offset 060: 20 20 FF 07 00 00 00 00 01 00 00 00 00 00 00 C0
Offset 070: 00 00 FF 3F 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 80 00 11 89 0C 13 A0 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 13 00 06 03 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 AA FF 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 84 40 09 B7
Offset 0F0: 00 00 00 00 88 85 80 00 87 0F 06 08 08 17 1B 30
B00 D1B F00: Intel Ibex Peak PCH - High Definition Audio Controller [B-3]
Offset 000: 86 80 56 3B 06 00 10 00 06 00 03 04 10 00 00 00
Offset 010: 04 00 62 D4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 16 01 00 00
Offset 040: 01 00 00 47 01 00 00 00 00 00 00 00 00 80 00 00
Offset 050: 01 60 42 C8 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 05 70 80 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 10 00 91 00 00 00 00 10 00 08 10 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 04 00 01 02 00 00 00 05 00 09 02 10 70 30 16
Offset 0D0: 0B 00 91 06 10 00 31 16 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1C F00: Intel Ibex Peak PCH - PCI Express Root Port 1 [B-3]
Offset 000: 86 80 42 3B 06 00 10 00 06 00 04 06 10 00 81 00
Offset 010: 00 00 00 00 00 00 00 00 00 01 01 00 F0 00 00 20
Offset 020: 50 D4 50 D4 F1 FF 01 00 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 40 00 00 00 00 00 00 00 10 01 00 00
Offset 040: 10 80 42 01 00 80 00 00 00 00 10 00 11 2C 11 01
Offset 050: 42 00 11 30 60 B2 04 00 00 00 48 01 00 00 00 00
Offset 060: 00 00 00 00 16 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 05 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 0D A0 00 00 79 11 01 00 00 00 00 00 00 00 00 00
Offset 0A0: 01 00 02 C8 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 10 00 00 00 00 00 00 00 00 11 80 00 00 00 00
Offset 0E0: 00 0F 00 00 06 07 08 00 31 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1C F01: Intel Ibex Peak PCH - PCI Express Root Port 2 [B-3]
Offset 000: 86 80 44 3B 06 00 10 00 06 00 04 06 10 00 81 00
Offset 010: 00 00 00 00 00 00 00 00 00 02 02 00 F0 00 00 00
Offset 020: 40 D4 40 D4 F1 FF 01 00 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 40 00 00 00 00 00 00 00 11 02 00 00
Offset 040: 10 80 42 01 00 80 00 00 00 00 10 00 11 2C 11 02
Offset 050: 40 00 11 30 60 B2 0C 00 00 00 48 01 00 00 00 00
Offset 060: 00 00 00 00 16 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 05 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 0D A0 00 00 79 11 01 00 00 00 00 00 00 00 00 00
Offset 0A0: 01 00 02 C8 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 10 00 00 00 00 00 00 00 00 11 80 00 00 00 00
Offset 0E0: 00 0F 00 00 06 07 08 00 31 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1C F02: Intel Ibex Peak PCH - PCI Express Root Port 3 [B-3]
Offset 000: 86 80 46 3B 07 00 10 00 06 00 04 06 10 00 81 00
Offset 010: 00 00 00 00 00 00 00 00 00 03 04 00 20 20 00 20
Offset 020: 40 D2 30 D4 41 D0 31 D2 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 40 00 00 00 00 00 00 00 12 03 00 00
Offset 040: 10 80 42 01 00 80 00 00 00 00 10 00 11 4C 11 03
Offset 050: 00 00 01 10 60 B2 14 00 08 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 16 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 05 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 0D A0 00 00 79 11 01 00 00 00 00 00 00 00 00 00
Offset 0A0: 01 00 02 C8 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 10 00 00 00 00 00 00 00 00 11 C0 00 00 00 00
Offset 0E0: 00 0F 00 00 06 07 08 00 31 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1D F00: Intel Ibex Peak PCH - USB 2.0 EHCI Controller 1 [B-3]
Offset 000: 86 80 34 3B 06 00 90 02 06 20 03 0C 00 00 00 00
Offset 010: 00 68 62 D4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 17 01 00 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 01 58 C2 C9 00 00 00 00 0A 98 A0 20 00 00 00 00
Offset 060: 20 20 FF 07 00 00 00 00 01 00 00 00 00 00 00 C0
Offset 070: 00 00 FF 3F 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 80 00 11 89 0C 13 A0 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 13 00 06 03 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 AA FF 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 84 E0 09 B7
Offset 0F0: 00 00 00 00 88 85 80 00 87 0F 06 08 08 17 1B 30
B00 D1E F00: Intel HM55 Platform Controller Hub [B-3]
Offset 000: 86 80 48 24 07 00 10 00 A6 01 04 06 00 00 01 00
Offset 010: 00 00 00 00 00 00 00 00 00 05 05 20 F0 00 80 22
Offset 020: F0 FF 00 00 F1 FF 01 00 00 00 00 00 00 00 00 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 FF 00 00 00
Offset 040: 00 00 00 00 00 00 00 00 00 00 00 00 00 12 00 10
Offset 050: 0D 00 00 00 79 11 01 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1F F00: Intel HM55 PCH - LPC Bridge [B-3]
Offset 000: 86 80 09 3B 07 00 10 02 06 00 01 06 00 00 80 00
Offset 010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 E0 00 00 00 00 00 00 00 00 00 00 00
Offset 040: 01 04 00 00 80 00 00 00 01 05 00 00 10 00 00 00
Offset 050: F8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 8B 83 8A 8B 91 00 00 00 86 80 85 8B F8 00 00 00
Offset 070: F8 00 F8 00 F8 00 F8 00 F8 00 F8 00 F8 00 F8 00
Offset 080: 10 00 01 1C 81 06 7C 00 E1 01 0C 00 00 00 00 00
Offset 090: 00 00 00 00 00 0F 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 06 20 00 29 BD 06 00 00 45 00 00 00 03 00 80
Offset 0B0: 00 00 00 00 00 00 00 00 04 40 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 33 22 11 00 67 45 00 00 C0 FF 00 00 00 00 00 00
Offset 0E0: 09 00 10 11 F1 0A E4 0E 40 B7 46 58 06 24 B8 02
Offset 0F0: 01 C0 D1 FE 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1F F02: Intel Ibex Peak-M PCH - 4-port SATA AHCI Controller [B-3]
Offset 000: 86 80 29 3B 07 00 B0 02 06 01 06 01 00 00 00 00
Offset 010: 49 30 00 00 5D 30 00 00 41 30 00 00 59 30 00 00
Offset 020: 01 30 00 00 00 60 62 D4 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 80 00 00 00 00 00 00 00 13 02 00 00
Offset 040: 00 80 00 80 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 01 A8 03 40 08 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 05 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 60 0C 23 83 83 01 00 1C 20 02 59 00 01 00 00 00
Offset 0A0: D4 00 00 00 00 00 00 10 12 B0 10 00 48 00 00 00
Offset 0B0: 13 00 06 03 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1F F03: Intel Ibex Peak PCH - SMBus Controller [B-3]
Offset 000: 86 80 30 3B 01 00 80 02 06 00 05 0C 00 00 00 00
Offset 010: 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: A1 EF 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00
Offset 040: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 03 04 04 00 00 00 08 08 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B00 D1F F06: Intel Ibex Peak PCH - Thermal Sensor [B-3]
Offset 000: 86 80 32 3B 06 00 10 00 06 00 80 11 00 00 00 00
Offset 010: 04 40 62 D4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 12 03 00 00
Offset 040: 05 00 70 D4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 050: 01 80 23 00 08 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 080: 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 0F0: 00 00 00 00 00 00 00 00 87 0F 06 08 00 00 00 00
B01 D00 F00: Ricoh PCI-E SD Bus Host Adapter
Offset 000: 80 11 22 E8 06 00 10 00 01 00 05 08 10 00 80 00
Offset 010: 00 02 50 D4 00 00 00 00 00 00 00 00 00 00 00 00
Offset 020: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 030: 00 00 00 00 50 00 00 00 00 00 00 00 10 01 00 00
Offset 040: 00 00 00 00 60 61 82 01 00 00 00 00 00 00 00 00
Offset 050: 05 78 80 00 00 00 00 00 00 00 00 00 00 00 00 00
Offset 060: 00 00 00 00 00 00 00 00 11 78 00 00 00 00 00 00
Offset 070: 01 00 00 00 00 00 00 00 01 80 03 FE 00 40 00 3C
Offset 080: 10 00 01 00 C0 FF 90 05 10 28 0B 00 11 6C 07 01
Offset 090: 42 00 11 10 00 00 00 00 C0 03 00 00 00 00 00 00
Offset 0A0: 00 00 00 00 00 00 00 00 00 00 00 00 79 11 01 00
Offset 0B0: 00 00 00 00 00 00 00 00 00 00 00 00 A0 00 00 00
Offset 0C0: 00 30 00 00 20 00 00 00 00 00 00 0C 10 00 00 00
Offset 0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19
Offset 0E0: B2 32 E0 01 00 00 00 00 40 00 00 00 00 00 00 00
Offset 0F0: 30 00 FE 10 00 00 00 00 18 00 00 02 00 00 00 00
B01 D00 F01: Ricoh R5U230/R5U231/R5U241 PCI-E Memory Stick Host Controller
B01 D00 F02: Ricoh PCI-E xD-Picture Card Controller
B02 D00 F00: Atheros AR5009 802.11a/g/n Wireless Network Adapter
BFF D00 F00: Intel QuickPath Architecture - Generic Non-Core Registers
BFF D00 F01: Intel QuickPath Architecture - System Address Decoder (SAD)
BFF D02 F00: Intel QuickPath Interconnect - QPI Link 0 Control
BFF D02 F01: Intel QuickPath Interconnect - QPI Physical 0 Control
BFF D02 F02: Intel QuickPath Interconnect - Flexible Display Interface
BFF D02 F03: Intel QuickPath Interconnect - Flexible Display Interface
PCI-8086-0044: Intel Ironlake MCHBAR
PCI-8086-3B32: Intel 5/6/7/8/9/10-series PCH TBAR @ D4624000h
PCI-8086-3B32: Intel 5/6/7/8/9/10-series PCH TBARB @ D4700000h
--------[ Debug - Video BIOS ]------------------------------------------------------------------------------------------
--------[ Debug - Unknown ]---------------------------------------------------------------------------------------------
HDD Hitachi HTS725032A9A360
------------------------------------------------------------------------------------------------------------------------
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
--------[ AIDA64 Extreme ]----------------------------------------------------------------------------------------------
Verzia AIDA64 v5.70.3800/sk
Modul Benchmark 4.2.671-x64
Domovská stránka http://www.aida64.com/
Typ správy Stručná správa [ TRIAL VERSION ]
Počítač ROYAL05
Vytvoril Elen
Operačný systém Microsoft Windows 7 Professional 6.1.7601.19160 (Win7 RTM)
Dátum 2016-04-12
Čas 16:07
--------[ Prehľad ]-----------------------------------------------------------------------------------------------------
Počítač:
Typ počítača ACPI x64-based PC (Mobile)
Operačný systém Microsoft Windows 7 Professional
Servisný balík OS [ TRIAL VERSION ]
Internet Explorer 11.0.9600.18230
DirectX DirectX 11.1
Názov počítača ROYAL05
Meno použív. Elen
Prihlasovacia doména [ TRIAL VERSION ]
Dátum/Čas 2016-04-12 / 16:07
Základná doska:
Typ procesora Mobile DualCore Intel Core i3-370M, 2400 MHz (18 x 133)
Názov zákl. dosky Toshiba Tecra A11
Čipset zákl. dosky Intel Ibex Peak-M HM55, Intel Ironlake-M
Systém. pamäť [ TRIAL VERSION ]
DIMM1: Samsung M471B5773CHS-CH9 2 GB DDR3-1333 DDR3 SDRAM (9-9-9-24 @ 666 MHz) (8-8-8-22 @ 609 MHz) (7-7-7-20 @ 533 MHz) (6-6-6-17 @ 457 MHz) (5-5-5-14 @ 380 MHz)
DIMM3: Samsung M471B5773CHS-CH9 [ TRIAL VERSION ]
Typ BIOS-u Toshiba (09/02/2010)
Komunikačný port (COM a LPT) Communications Port (COM1)
Komunikačný port (COM a LPT) BT Port (COM34)
Komunikačný port (COM a LPT) BT Port (COM35)
Komunikačný port (COM a LPT) BT Port (COM36)
Komunikačný port (COM a LPT) BT Port (COM37)
Komunikačný port (COM a LPT) BT Port (COM38)
Komunikačný port (COM a LPT) BT Port (COM39)
Komunikačný port (COM a LPT) BT Port (COM40)
Komunikačný port (COM a LPT) BT Port (COM41)
Komunikačný port (COM a LPT) BT Port (COM42)
Komunikačný port (COM a LPT) BT Port (COM43)
Obrazovka:
Grafická karta Intel(R) HD Graphics (1761498 kB)
Grafická karta Intel(R) HD Graphics (1761498 kB)
3D-akcelerátor Intel HD Graphics
Monitor Toshiba Internal LCD
Multimédiá:
Zvuková karta Intel Ibex Peak HDMI @ Intel Ibex Peak PCH - High Definition Audio Controller [B-3]
Zvuková karta Realtek ALC268 @ Intel Ibex Peak PCH - High Definition Audio Controller [B-3]
Ukladací priestor:
Radič IDE Intel(R) 5 Series 4 Port SATA AHCI Controller
Radič IDE Ricoh PCIe Memory Stick Host Controller
Radič IDE Ricoh PCIe SD/MMC Host Controller
Radič IDE Ricoh PCIe xD-Picture Card Controller
Disková jednotka Hitachi HTS725032A9A360 (298 GB, IDE)
Optická jednotka MATSHITA DVD-RAM UJ890AS
Stav pevných diskov SMART OK
Oddiely:
C: (NTFS) [ TRIAL VERSION ]
Celk. miesto [ TRIAL VERSION ]
Vstupné zariadenia:
Klávesnica HID Keyboard Device
Klávesnica Standard PS/2 Keyboard
Myš Alps Pointing-device
Myš HID-compliant mouse
Sieť:
Primárna adresa IP [ TRIAL VERSION ]
Primárna adresa MAC 00-26-B6-F4-B9-86
Sieťový adaptér Atheros AR9280 Wireless Network Adapter (192. [ TRIAL VERSION ])
Sieťový adaptér Bluetooth Personal Area Network
Sieťový adaptér Intel(R) 82577LC Gigabit Network Connection
Sieťový adaptér Microsoft Virtual WiFi Miniport Adapter
Sieťový adaptér TAP-Win32 Adapter V9
Periférie:
Tlačiareň Canon iR3025 PCL6
Tlačiareň Canon MF6100 Series (FAX)
Tlačiareň Canon MF6100 Series PCL5e
Tlačiareň Canon MF6100 Series PCL6
Tlačiareň Canon MF6100 Series PS3
Tlačiareň Canon MF6100 Series UFRII LT
Tlačiareň Canon MF6100 UFRII LT XPS
Tlačiareň PDFCreator
Tlačiareň Samsung Universal Print Driver
Tlačiareň STORMWARE PDF Printer
Tlačiareň XRX0000AAD805D8 PCL6
Radič USB2 Intel Ibex Peak PCH - USB 2.0 EHCI Controller 1 [B-3]
Radič USB2 Intel Ibex Peak PCH - USB 2.0 EHCI Controller 2 [B-3]
Zariadenie USB AuthenTec Inc. AES1660
Zariadenie USB Bluetooth USB Controller-5 from TOSHIBA
Zariadenie USB Generic USB Hub
Zariadenie USB Generic USB Hub
Zariadenie USB USB Composite Device
Zariadenie USB USB Composite Device
Zariadenie USB USB Input Device
Zariadenie USB USB Input Device
Zariadenie USB USB2.0 UVC WebCam
Batéria Microsoft AC Adapter
Batéria Microsoft ACPI-Compliant Control Method Battery
Batéria Microsoft Composite Battery
DMI:
Predajca DMI BIOS TOSHIBA
Verzia DMI BIOS Version 2.70
Výrobca systému DMI TOSHIBA
Výrobok systému DMI TECRA A11
Verzia systému DMI PTSE0E-063055SK
Sér. číslo systému DMI [ TRIAL VERSION ]
DMI Systém UUID [ TRIAL VERSION ]
Výrobca základnej dosky DMI TOSHIBA
Výrobok základnej dosky DMI Portable PC
Verzia základnej dosky DMI Version A0
Sér. číslo základnej dosky DMI [ TRIAL VERSION ]
Výrobca skrine DMI TOSHIBA
Verzia skrine DMI Version 1.0
Sér. číslo skrine DMI [ TRIAL VERSION ]
Označenie skrine DMI [ TRIAL VERSION ]
Typ skrine DMI Notebook
--------[ Debug - PCI ]-------------------------------------------------------------------------------------------------
B00 D00 F00: Intel Auburndale/Arrandale Processor - Host Bridge/DRAM Controller
B00 D02 F00: Intel Auburndale/Arrandale Processor - Integrated Graphics Controller
B00 D16 F00: Intel Ibex Peak PCH - Host Embedded Controller Interface 1 (HECI1) [B-3]
B00 D19 F00: Intel 82577LC Gigabit Network Connection (Toshiba)
B00 D1A F00: Intel Ibex Peak PCH - USB 2.0 EHCI Controller 2 [B-3]
B00 D1B F00: Intel Ibex Peak PCH - High Definition Audio Controller [B-3]
B00 D1C F00: Intel Ibex Peak PCH - PCI Express Root Port 1 [B-3]
B00 D1C F01: Intel Ibex Peak PCH - PCI Express Root Port 2 [B-3]
B00 D1C F02: Intel Ibex Peak PCH - PCI Express Root Port 3 [B-3]
B00 D1D F00: Intel Ibex Peak PCH - USB 2.0 EHCI Controller 1 [B-3]
B00 D1E F00: Intel HM55 Platform Controller Hub [B-3]
B00 D1F F00: Intel HM55 PCH - LPC Bridge [B-3]
B00 D1F F02: Intel Ibex Peak-M PCH - 4-port SATA AHCI Controller [B-3]
B00 D1F F03: Intel Ibex Peak PCH - SMBus Controller [B-3]
B00 D1F F06: Intel Ibex Peak PCH - Thermal Sensor [B-3]
B01 D00 F00: Ricoh PCI-E SD Bus Host Adapter
B01 D00 F01: Ricoh R5U230/R5U231/R5U241 PCI-E Memory Stick Host Controller
B01 D00 F02: Ricoh PCI-E xD-Picture Card Controller
B02 D00 F00: Atheros AR5009 802.11a/g/n Wireless Network Adapter
BFF D00 F00: Intel QuickPath Architecture - Generic Non-Core Registers
BFF D00 F01: Intel QuickPath Architecture - System Address Decoder (SAD)
BFF D02 F00: Intel QuickPath Interconnect - QPI Link 0 Control
BFF D02 F01: Intel QuickPath Interconnect - QPI Physical 0 Control
BFF D02 F02: Intel QuickPath Interconnect - Flexible Display Interface
BFF D02 F03: Intel QuickPath Interconnect - Flexible Display Interface
PCI-8086-0044: Intel Ironlake MCHBAR
PCI-8086-3B32: Intel 5/6/7/8/9/10-series PCH TBAR @ D4624000h
PCI-8086-3B32: Intel 5/6/7/8/9/10-series PCH TBARB @ D4700000h
--------[ Debug - Video BIOS ]------------------------------------------------------------------------------------------
--------[ Debug - Unknown ]---------------------------------------------------------------------------------------------
HDD Hitachi HTS725032A9A360
------------------------------------------------------------------------------------------------------------------------
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.