Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivka

#16 Příspěvek od Márty84 »

Obcas se to stane, ze OTL tuhle chybku vyhodi :roll:

:arrow: Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Blare
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 06 pro 2011 19:54

Re: Preventivka

#17 Příspěvek od Blare »

OTL logfile created on: 26. 12. 2013 16:02:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Turbo\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,09% Memory free
5,98 Gb Paging File | 4,53 Gb Available in Paging File | 75,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 254,14 Gb Total Space | 39,42 Gb Free Space | 15,51% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 28,04 Gb Free Space | 96,72% Space Free | Partition Type: NTFS

Computer Name: TURBO-PC | User Name: Turbo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/26 10:45:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Turbo\Downloads\OTL.exe
PRC - [2013/12/23 21:03:56 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/11/28 21:27:22 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2013/09/12 12:06:06 | 005,110,672 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2013/08/02 01:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/05/15 10:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012/05/15 01:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/11 21:32:38 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files\Lenovo\YouCam\YCMMirage.exe
PRC - [2010/06/13 19:59:20 | 000,800,032 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
PRC - [2010/06/13 19:59:20 | 000,628,000 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
PRC - [2010/02/06 10:25:27 | 003,122,528 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\VeriFace\PManage.exe
PRC - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/19 03:50:58 | 000,665,504 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
PRC - [2009/12/17 07:33:56 | 004,114,368 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009/12/17 07:31:22 | 006,223,808 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2009/12/09 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/09 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/11/24 10:36:58 | 000,501,640 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009/11/16 10:07:20 | 000,487,992 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2009/09/14 14:50:20 | 000,299,008 | ---- | M] () -- C:\Genius\ioCentre\gMouseTask.exe
PRC - [2009/09/03 10:30:38 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gTaskBar.exe
PRC - [2009/09/03 10:26:32 | 000,172,032 | ---- | M] () -- C:\Genius\ioCentre\gKbdTask.exe
PRC - [2009/09/03 10:00:32 | 000,053,248 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gIoCentreFunMgm.exe
PRC - [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2009/07/14 02:14:19 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Eap3Host.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/23 21:03:55 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/11/28 21:27:21 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/05/15 01:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010/06/13 19:59:36 | 000,132,384 | ---- | M] () -- C:\Program Files\Lenovo\Bluetooth Software\BTKeyInd.dll
MOD - [2010/02/06 10:25:26 | 001,410,400 | ---- | M] () -- C:\Windows\System32\IcnOvrly.dll
MOD - [2010/02/06 10:25:26 | 000,492,896 | ---- | M] () -- C:\Program Files\Lenovo\VeriFace\ChooseLang.dll
MOD - [2009/12/19 03:51:18 | 000,133,024 | ---- | M] () -- C:\Program Files\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2009/12/19 03:50:38 | 000,161,696 | ---- | M] () -- C:\Program Files\Lenovo\Onekey Theater\ActiveDetect32.dll
MOD - [2009/09/14 14:50:20 | 000,299,008 | ---- | M] () -- C:\Genius\ioCentre\gMouseTask.exe
MOD - [2009/09/03 10:30:38 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gTaskBar.exe
MOD - [2009/09/03 10:26:32 | 000,172,032 | ---- | M] () -- C:\Genius\ioCentre\gKbdTask.exe
MOD - [2009/09/03 10:25:28 | 000,022,016 | ---- | M] () -- C:\Genius\ioCentre\gIoCentreHook.dll
MOD - [2009/09/03 10:24:14 | 000,023,040 | ---- | M] () -- C:\Genius\ioCentre\gfSystem.dll
MOD - [2009/09/03 10:23:26 | 000,017,920 | ---- | M] () -- C:\Genius\ioCentre\gfOffice.dll
MOD - [2009/09/03 10:22:16 | 000,057,344 | ---- | M] () -- C:\Genius\ioCentre\gfMedia.dll
MOD - [2009/09/03 10:18:58 | 000,031,744 | ---- | M] () -- C:\Genius\ioCentre\gfEmail.dll
MOD - [2009/09/03 10:14:30 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gfBrowser.dll
MOD - [2009/09/03 10:06:12 | 000,196,608 | ---- | M] () -- C:\Genius\ioCentre\gZoom.dll
MOD - [2009/09/03 10:05:28 | 000,053,248 | ---- | M] () -- C:\Genius\ioCentre\gTaskSwitch.dll
MOD - [2009/09/03 10:04:44 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gTabSwitch.dll
MOD - [2009/09/03 10:03:00 | 000,118,784 | ---- | M] () -- C:\Genius\ioCentre\gPreset.dll
MOD - [2009/09/03 10:02:16 | 000,192,512 | ---- | M] () -- C:\Genius\ioCentre\gKbStatus.dll
MOD - [2009/09/03 09:59:14 | 000,057,344 | ---- | M] () -- C:\Genius\ioCentre\gIMMgm.dll
MOD - [2009/09/03 09:58:36 | 000,053,248 | ---- | M] () -- C:\Genius\ioCentre\gIMHook.dll
MOD - [2009/09/03 09:56:56 | 000,200,704 | ---- | M] () -- C:\Genius\ioCentre\gDeskMgm.dll
MOD - [2009/09/03 09:55:50 | 000,069,632 | ---- | M] () -- C:\Genius\ioCentre\gAutoScroll.dll
MOD - [2009/09/03 09:54:32 | 000,188,416 | ---- | M] () -- C:\Genius\ioCentre\gAutoPan.dll
MOD - [2009/09/03 09:45:14 | 000,118,784 | ---- | M] () -- C:\Genius\ioCentre\GenXml.dll
MOD - [2009/09/03 09:43:46 | 000,022,016 | ---- | M] () -- C:\Genius\ioCentre\gDevMgm.dll
MOD - [2008/12/20 04:20:50 | 000,063,304 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2008/12/20 04:20:08 | 000,051,016 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll


========== Services (SafeList) ==========

SRV - [2013/12/23 21:03:56 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/28 21:27:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2013/06/21 08:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/05/15 11:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 01:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/06/17 22:13:02 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/06/13 19:59:20 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/12/23 18:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/12/09 09:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/09 09:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/22 19:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009/08/14 15:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009/07/26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/16 04:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009/07/14 15:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009/07/14 15:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aqr1tidb)
DRV - [2013/12/04 02:23:26 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013/10/02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/09/17 15:17:38 | 000,188,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013/09/17 15:17:38 | 000,174,400 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2013/09/17 15:17:38 | 000,134,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013/09/17 15:17:38 | 000,049,240 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2013/09/17 15:17:38 | 000,037,416 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2013/01/23 09:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013/01/23 09:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013/01/23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013/01/23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012/10/17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/05/15 11:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/01/11 21:33:14 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/10/07 19:15:15 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/07/04 11:55:36 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2010/06/16 18:35:38 | 000,271,360 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/06/16 18:35:32 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/01/20 05:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009/12/11 09:24:36 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/11/24 07:20:22 | 000,507,392 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009/10/26 20:27:26 | 000,171,776 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMIksdrv.sys -- (usbsmi)
DRV - [2009/09/17 05:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/08/05 07:57:02 | 000,032,896 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVPolCIR.sys -- (AVPolCIR)
DRV - [2009/08/05 07:56:56 | 000,314,752 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerPola.sys -- (AVerPola)
DRV - [2009/07/28 22:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009/07/21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/16 13:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2009/06/27 16:30:32 | 000,020,480 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2009/06/25 16:04:28 | 000,011,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2004/11/29 19:14:30 | 000,019,648 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2004/11/25 17:41:08 | 000,046,080 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2004/10/28 11:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\..\SearchScopes\{5F3BEBD5-F6C6-A4B8-EDD2-A6F5F61813A8}: "URL" = http://www.buzqo.com/s/?q={searchTerms} ... 01-0-2xDj3
IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/Chem3D,version=12.0: C:\Program Files\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/ChemDraw,version=12.0: C:\Program Files\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Turbo\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Turbo\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/28 21:27:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/28 21:27:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/11/14 07:35:59 | 000,000,000 | ---D | M]

[2010/06/16 20:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Turbo\AppData\Roaming\mozilla\Extensions
[2013/07/14 16:02:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Turbo\AppData\Roaming\mozilla\Firefox\Profiles\dku322xp.default\extensions
[2013/11/28 21:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/28 21:27:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/28 21:27:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/12/25 11:36:59 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003..\Run: [] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E750665B-C163-45CA-8352-BAD11573DDA6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.clmp3enc - C:\Program Files\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.tscc - C:\windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/12/24 18:34:01 | 000,081,704 | ---- | C] (CyberLink) -- C:\windows\System32\drivers\wsvd.sys.bak
[2013/12/24 18:34:00 | 000,128,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WimFltr.sys.bak
[2013/12/24 18:34:00 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\winusb.sys.bak
[2013/12/24 18:34:00 | 000,014,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\wmilib.sys.bak
[2013/12/24 18:33:59 | 000,063,240 | ---- | C] (Lenovo) -- C:\windows\System32\drivers\wdbridge.sys.bak
[2013/12/24 18:33:59 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys.bak
[2013/12/24 18:33:59 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\watchdog.sys.bak
[2013/12/24 18:33:59 | 000,011,792 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\drivers\WDMirror.sys.bak
[2013/12/24 18:33:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\vwifimp.sys.bak
[2013/12/24 18:33:57 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\videoprt.sys.bak
[2013/12/24 18:33:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbrpm.sys.bak
[2013/12/24 18:33:55 | 000,008,192 | ---- | C] (Nokia) -- C:\windows\System32\drivers\usbser_lowerfltj.sys.bak
[2013/12/24 18:33:55 | 000,008,192 | ---- | C] (Nokia) -- C:\windows\System32\drivers\usbser_lowerflt.sys.bak
[2013/12/24 18:33:54 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys.bak
[2013/12/24 18:33:54 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys.bak
[2013/12/24 18:33:53 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD2.sys.bak
[2013/12/24 18:33:53 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD.sys.bak
[2013/12/24 18:33:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys.bak
[2013/12/24 18:33:52 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys.bak
[2013/12/24 18:33:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\tdi.sys.bak
[2013/12/24 18:33:50 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys.bak
[2013/12/24 18:33:50 | 000,053,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\stream.sys.bak
[2013/12/24 18:33:50 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\tape.sys.bak
[2013/12/24 18:33:49 | 000,436,792 | ---- | C] (Duplex Secure Ltd.) -- C:\windows\System32\drivers\sptd.sys.bak
[2013/12/24 18:33:49 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\spsys.sys.bak
[2013/12/24 18:33:48 | 002,532,864 | ---- | C] (Silicon Motion Corporation) -- C:\windows\System32\drivers\SMIexp.sys.bak
[2013/12/24 18:33:48 | 000,171,776 | ---- | C] (SMI) -- C:\windows\System32\drivers\SMIksdrv.sys.bak
[2013/12/24 18:33:48 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\smclib.sys.bak
[2013/12/24 18:33:47 | 000,019,648 | ---- | C] (Protection Technology) -- C:\windows\System32\drivers\sfsync02.sys.bak
[2013/12/24 18:33:47 | 000,006,656 | ---- | C] (Protection Technology) -- C:\windows\System32\drivers\sfhlp02.sys.bak
[2013/12/24 18:33:46 | 000,046,080 | ---- | C] (Protection Technology) -- C:\windows\System32\drivers\sfdrv01.sys.bak
[2013/12/24 18:33:45 | 000,182,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\System32\drivers\RtsUStor.sys.bak
[2013/12/24 18:33:45 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\scsiport.sys.bak
[2013/12/24 18:33:44 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rmcast.sys.bak
[2013/12/24 18:33:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys.bak
[2013/12/24 18:33:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rdpvideominiport.sys.bak
[2013/12/24 18:33:41 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\portcls.sys.bak
[2013/12/24 18:33:41 | 000,042,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\pciidex.sys.bak
[2013/12/24 18:33:40 | 000,019,072 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys.bak
[2013/12/24 18:33:35 | 011,354,944 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvlddmkm.sys.bak
[2013/12/24 18:33:35 | 000,161,056 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvhda32v.sys.bak
[2013/12/24 18:33:33 | 004,231,168 | ---- | C] (Intel Corporation) -- C:\windows\System32\drivers\netw5v32.sys.bak
[2013/12/24 18:33:33 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys.bak
[2013/12/24 18:33:28 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\mcd.sys.bak
[2013/12/24 18:33:26 | 000,229,888 | ---- | C] (Broadcom Corporation) -- C:\windows\System32\drivers\k57nd60x.sys.bak
[2013/12/24 18:33:26 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys.bak
[2013/12/24 18:33:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidclass.sys.bak
[2013/12/24 18:33:22 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidparse.sys.bak
[2013/12/24 18:33:21 | 000,041,088 | ---- | C] (Intel Corporation) -- C:\windows\System32\drivers\HECI.sys.bak
[2013/12/24 18:33:21 | 000,026,176 | ---- | C] (LogMeIn, Inc.) -- C:\windows\System32\drivers\hamachi.sys.bak
[2013/12/24 18:33:20 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS.bak
[2013/12/24 18:33:17 | 000,188,808 | ---- | C] (ESET) -- C:\windows\System32\drivers\eamonm.sys.bak
[2013/12/24 18:33:17 | 000,174,400 | ---- | C] (ESET) -- C:\windows\System32\drivers\epfw.sys.bak
[2013/12/24 18:33:17 | 000,134,248 | ---- | C] (ESET) -- C:\windows\System32\drivers\ehdrv.sys.bak
[2013/12/24 18:33:17 | 000,049,240 | ---- | C] (ESET) -- C:\windows\System32\drivers\epfwwfp.sys.bak
[2013/12/24 18:33:17 | 000,037,416 | ---- | C] (ESET) -- C:\windows\System32\drivers\EpfwLWF.sys.bak
[2013/12/24 18:33:16 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys.bak
[2013/12/24 18:33:16 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxg.sys.bak
[2013/12/24 18:33:16 | 000,055,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dumpfve.sys.bak
[2013/12/24 18:33:16 | 000,026,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Dumpata.sys.bak
[2013/12/24 18:33:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxapi.sys.bak
[2013/12/24 18:33:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\drmk.sys.bak
[2013/12/24 18:33:15 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys.bak
[2013/12/24 18:33:14 | 000,035,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\crashdmp.sys.bak
[2013/12/24 18:33:13 | 000,507,392 | ---- | C] (Conexant Systems Inc.) -- C:\windows\System32\drivers\CHDRT32.sys.bak
[2013/12/24 18:33:13 | 000,140,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Classpnp.sys.bak
[2013/12/24 18:33:13 | 000,027,632 | ---- | C] (CyberLink Corporation) -- C:\windows\System32\drivers\clwvd.sys.bak
[2013/12/24 18:33:12 | 000,023,168 | ---- | C] (Nokia) -- C:\windows\System32\drivers\ccdcmbo.sys.bak
[2013/12/24 18:33:12 | 000,018,560 | ---- | C] (Nokia) -- C:\windows\System32\drivers\ccdcmb.sys.bak
[2013/12/24 18:33:11 | 000,045,736 | ---- | C] (Broadcom Corporation.) -- C:\windows\System32\drivers\btusbflt.sys.bak
[2013/12/24 18:33:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\BdaSup.sys.bak
[2013/12/24 18:33:08 | 000,025,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\battc.sys.bak
[2013/12/24 18:33:07 | 000,314,752 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\windows\System32\drivers\AVerPola.sys.bak
[2013/12/24 18:33:07 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ataport.sys.bak
[2013/12/24 18:33:07 | 000,032,896 | ---- | C] (AVerMedia TECHNOLOGIES, Inc.) -- C:\windows\System32\drivers\AVPolCIR.sys.bak
[2013/12/24 18:33:03 | 000,023,136 | ---- | C] (Lenovo Corporation) -- C:\windows\System32\drivers\AcpiVpc.sys.bak
[2013/12/24 18:33:01 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\1394bus.sys.bak
[2013/12/24 09:45:35 | 000,000,000 | ---D | C] -- C:\Users\Turbo\AppData\Roaming\Malwarebytes
[2013/12/24 09:45:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/12/24 09:45:09 | 000,000,000 | ---D | C] -- C:\Users\Turbo\AppData\Local\Programs
[2013/12/23 21:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013/12/11 14:58:53 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/12/11 14:58:52 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/12/11 14:58:51 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/12/11 14:58:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2013/12/11 14:58:50 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/12/11 14:58:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll
[2013/12/11 14:58:49 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll
[2013/12/11 14:58:49 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2013/12/11 14:58:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/12/11 14:58:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll
[2013/12/11 14:58:49 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/12/11 14:58:48 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe
[2013/12/11 14:58:46 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2013/12/11 14:58:42 | 004,243,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/12/11 14:46:50 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2013/12/11 14:45:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2013/12/11 14:44:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cscript.exe
[2013/12/11 14:44:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMPhoto.dll
[2013/12/11 14:44:29 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/12/11 14:44:26 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\portcls.sys
[2013/12/11 14:44:26 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\drmk.sys
[2013/12/08 18:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2013/12/04 02:23:26 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\nvhdagenco32.dll
[2013/12/04 02:23:26 | 000,161,056 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvhda32v.sys
[2013/12/04 02:23:26 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\nvhdap32.dll
[2013/11/28 22:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/11/28 22:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/11/28 22:54:38 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/11/28 22:54:31 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/11/28 22:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/11/28 21:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/27 08:22:10 | 000,000,000 | ---D | C] -- C:\windows\Migration
[9 C:\Users\Turbo\Documents\*.tmp files -> C:\Users\Turbo\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/26 16:04:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/12/26 15:47:49 | 000,000,946 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003UA1ceebb13ad1ecd7.job
[2013/12/26 15:11:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/12/26 13:20:39 | 000,000,886 | ---- | M] () -- C:\Users\Turbo\Desktop\jacksmith_backup_1.papa
[2013/12/26 10:46:55 | 000,015,792 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/26 10:46:55 | 000,015,792 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/26 10:39:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/12/26 10:39:27 | 2408,722,432 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/25 21:47:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003Core1ceebb13a91d691.job
[2013/12/25 11:39:37 | 000,081,704 | ---- | M] (CyberLink) -- C:\windows\System32\drivers\wsvd.sys.bak
[2013/12/25 11:39:37 | 000,035,968 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\winusb.sys.bak
[2013/12/25 11:39:37 | 000,014,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\wmilib.sys.bak
[2013/12/25 11:39:36 | 000,128,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\WimFltr.sys.bak
[2013/12/25 11:39:36 | 000,047,720 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys.bak
[2013/12/25 11:39:36 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\drivers\WDMirror.sys.bak
[2013/12/25 11:39:35 | 000,063,240 | ---- | M] (Lenovo) -- C:\windows\System32\drivers\wdbridge.sys.bak
[2013/12/25 11:39:35 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\watchdog.sys.bak
[2013/12/25 11:39:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\vwifimp.sys.bak
[2013/12/25 11:39:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\videoprt.sys.bak
[2013/12/25 11:39:33 | 000,008,192 | ---- | M] (Nokia) -- C:\windows\System32\drivers\usbser_lowerfltj.sys.bak
[2013/12/25 11:39:32 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys.bak
[2013/12/25 11:39:32 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usbrpm.sys.bak
[2013/12/25 11:39:32 | 000,008,192 | ---- | M] (Nokia) -- C:\windows\System32\drivers\usbser_lowerflt.sys.bak
[2013/12/25 11:39:31 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD2.sys.bak
[2013/12/25 11:39:31 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD.sys.bak
[2013/12/25 11:39:31 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys.bak
[2013/12/25 11:39:31 | 000,006,016 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys.bak
[2013/12/25 11:39:30 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys.bak
[2013/12/25 11:39:29 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\tdi.sys.bak
[2013/12/25 11:39:28 | 000,148,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys.bak
[2013/12/25 11:39:28 | 000,053,632 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\stream.sys.bak
[2013/12/25 11:39:28 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\tape.sys.bak
[2013/12/25 11:39:27 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\spsys.sys.bak
[2013/12/25 11:39:26 | 002,532,864 | ---- | M] (Silicon Motion Corporation) -- C:\windows\System32\drivers\SMIexp.sys.bak
[2013/12/25 11:39:26 | 000,171,776 | ---- | M] (SMI) -- C:\windows\System32\drivers\SMIksdrv.sys.bak
[2013/12/25 11:39:26 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\smclib.sys.bak
[2013/12/25 11:39:25 | 000,046,080 | ---- | M] (Protection Technology) -- C:\windows\System32\drivers\sfdrv01.sys.bak
[2013/12/25 11:39:25 | 000,019,648 | ---- | M] (Protection Technology) -- C:\windows\System32\drivers\sfsync02.sys.bak
[2013/12/25 11:39:25 | 000,006,656 | ---- | M] (Protection Technology) -- C:\windows\System32\drivers\sfhlp02.sys.bak
[2013/12/25 11:39:24 | 000,140,160 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\scsiport.sys.bak
[2013/12/25 11:39:23 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) -- C:\windows\System32\drivers\RtsUStor.sys.bak
[2013/12/25 11:39:23 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\rmcast.sys.bak
[2013/12/25 11:39:23 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys.bak
[2013/12/25 11:39:22 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\rdpvideominiport.sys.bak
[2013/12/25 11:39:20 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\portcls.sys.bak
[2013/12/25 11:39:19 | 000,042,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\pciidex.sys.bak
[2013/12/25 11:39:19 | 000,019,072 | ---- | M] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys.bak
[2013/12/25 11:39:16 | 011,354,944 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvlddmkm.sys.bak
[2013/12/25 11:39:15 | 000,161,056 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvhda32v.sys.bak
[2013/12/25 11:39:14 | 004,231,168 | ---- | M] (Intel Corporation) -- C:\windows\System32\drivers\netw5v32.sys.bak
[2013/12/25 11:39:13 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys.bak
[2013/12/25 11:39:08 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\mcd.sys.bak
[2013/12/25 11:39:07 | 000,229,888 | ---- | M] (Broadcom Corporation) -- C:\windows\System32\drivers\k57nd60x.sys.bak
[2013/12/25 11:39:07 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys.bak
[2013/12/25 11:39:07 | 000,018,048 | ---- | M] () -- C:\windows\System32\drivers\lirsgt.sys.bak
[2013/12/25 11:39:03 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\hidclass.sys.bak
[2013/12/25 11:39:03 | 000,041,088 | ---- | M] (Intel Corporation) -- C:\windows\System32\drivers\HECI.sys.bak
[2013/12/25 11:39:03 | 000,025,728 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\hidparse.sys.bak
[2013/12/25 11:39:02 | 000,026,176 | ---- | M] (LogMeIn, Inc.) -- C:\windows\System32\drivers\hamachi.sys.bak
[2013/12/25 11:39:02 | 000,020,480 | ---- | M] () -- C:\windows\System32\drivers\gHidPnp.sys.bak
[2013/12/25 11:39:02 | 000,011,520 | ---- | M] () -- C:\windows\System32\drivers\gMouUsb.sys.bak
[2013/12/25 11:39:01 | 000,187,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS.bak
[2013/12/25 11:38:59 | 000,049,240 | ---- | M] (ESET) -- C:\windows\System32\drivers\epfwwfp.sys.bak
[2013/12/25 11:38:59 | 000,037,416 | ---- | M] (ESET) -- C:\windows\System32\drivers\EpfwLWF.sys.bak
[2013/12/25 11:38:58 | 000,218,984 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys.bak
[2013/12/25 11:38:58 | 000,188,808 | ---- | M] (ESET) -- C:\windows\System32\drivers\eamonm.sys.bak
[2013/12/25 11:38:58 | 000,174,400 | ---- | M] (ESET) -- C:\windows\System32\drivers\epfw.sys.bak
[2013/12/25 11:38:58 | 000,134,248 | ---- | M] (ESET) -- C:\windows\System32\drivers\ehdrv.sys.bak
[2013/12/25 11:38:57 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\drmk.sys.bak
[2013/12/25 11:38:57 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dxg.sys.bak
[2013/12/25 11:38:57 | 000,055,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dumpfve.sys.bak
[2013/12/25 11:38:57 | 000,027,008 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys.bak
[2013/12/25 11:38:57 | 000,026,704 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\Dumpata.sys.bak
[2013/12/25 11:38:57 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dxapi.sys.bak
[2013/12/25 11:38:56 | 000,035,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\crashdmp.sys.bak
[2013/12/25 11:38:55 | 000,507,392 | ---- | M] (Conexant Systems Inc.) -- C:\windows\System32\drivers\CHDRT32.sys.bak
[2013/12/25 11:38:55 | 000,140,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\Classpnp.sys.bak
[2013/12/25 11:38:55 | 000,027,632 | ---- | M] (CyberLink Corporation) -- C:\windows\System32\drivers\clwvd.sys.bak
[2013/12/25 11:38:55 | 000,023,168 | ---- | M] (Nokia) -- C:\windows\System32\drivers\ccdcmbo.sys.bak
[2013/12/25 11:38:54 | 000,045,736 | ---- | M] (Broadcom Corporation.) -- C:\windows\System32\drivers\btusbflt.sys.bak
[2013/12/25 11:38:54 | 000,018,560 | ---- | M] (Nokia) -- C:\windows\System32\drivers\ccdcmb.sys.bak
[2013/12/25 11:38:51 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\BdaSup.sys.bak
[2013/12/25 11:38:50 | 000,314,752 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\windows\System32\drivers\AVerPola.sys.bak
[2013/12/25 11:38:50 | 000,271,360 | ---- | M] () -- C:\windows\System32\drivers\atksgt.sys.bak
[2013/12/25 11:38:50 | 000,133,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\ataport.sys.bak
[2013/12/25 11:38:50 | 000,032,896 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\windows\System32\drivers\AVPolCIR.sys.bak
[2013/12/25 11:38:50 | 000,025,168 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\battc.sys.bak
[2013/12/25 11:38:47 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\1394bus.sys.bak
[2013/12/25 11:38:47 | 000,023,136 | ---- | M] (Lenovo Corporation) -- C:\windows\System32\drivers\AcpiVpc.sys.bak
[2013/12/23 21:03:56 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/12/23 21:03:56 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/12/16 23:14:10 | 000,000,354 | ---- | M] () -- C:\Users\Turbo\Documents\ax_files.xml
[2013/12/12 20:47:31 | 000,734,538 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/12/12 20:47:31 | 000,148,234 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/12/11 15:18:02 | 000,452,296 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/12/08 18:16:27 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013/12/04 22:58:11 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/04 02:23:26 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\nvhdagenco32.dll
[2013/12/04 02:23:26 | 000,161,056 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvhda32v.sys
[2013/12/04 02:23:26 | 000,028,448 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\nvhdap32.dll
[2013/11/28 22:54:26 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/11/28 22:54:23 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/11/28 22:54:23 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/11/28 22:54:22 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[9 C:\Users\Turbo\Documents\*.tmp files -> C:\Users\Turbo\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/25 22:15:07 | 000,000,886 | ---- | C] () -- C:\Users\Turbo\Desktop\jacksmith_backup_1.papa
[2013/12/24 18:33:27 | 000,018,048 | ---- | C] () -- C:\windows\System32\drivers\lirsgt.sys.bak
[2013/12/24 18:33:21 | 000,011,520 | ---- | C] () -- C:\windows\System32\drivers\gMouUsb.sys.bak
[2013/12/24 18:33:20 | 000,020,480 | ---- | C] () -- C:\windows\System32\drivers\gHidPnp.sys.bak
[2013/12/24 18:33:07 | 000,271,360 | ---- | C] () -- C:\windows\System32\drivers\atksgt.sys.bak
[2013/11/27 21:42:46 | 000,000,946 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003UA1ceebb13ad1ecd7.job
[2013/11/27 21:42:46 | 000,000,894 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003Core1ceebb13a91d691.job
[2013/08/09 20:01:49 | 000,016,384 | ---- | C] () -- C:\windows\System32\FileOps.exe
[2013/01/15 17:15:07 | 000,000,134 | ---- | C] () -- C:\ProgramData\xlink.sys
[2013/01/15 17:15:07 | 000,000,000 | ---- | C] () -- C:\windows\System32\ntUsrrP_1_0.dll
[2012/05/15 01:21:50 | 000,423,744 | ---- | C] () -- C:\windows\System32\nvStreaming.exe
[2012/02/11 19:14:47 | 000,000,535 | ---- | C] () -- C:\windows\SIERRA.INI
[2011/12/24 15:19:13 | 000,005,095 | ---- | C] () -- C:\ProgramData\xpbthzbm.qqq
[2010/09/25 14:13:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/13 13:06:47 | 000,230,400 | ---- | C] () -- C:\Users\Turbo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/16 22:29:49 | 000,007,591 | ---- | C] () -- C:\Users\Turbo\AppData\Local\Resmon.ResmonCfg
[2010/06/16 17:44:20 | 000,003,719 | ---- | C] () -- C:\ProgramData\profile.xml
[2010/02/06 10:13:18 | 000,001,350 | ---- | C] () -- C:\Users\Turbo\Proof.XML

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/11/23 18:04:11 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\.minecraft
[2010/06/25 18:47:59 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\1C
[2010/06/24 12:55:55 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Advanced Chemistry Development
[2010/06/16 17:44:23 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\ArcSyncConfig
[2010/10/08 13:52:01 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Audacity
[2012/07/06 12:42:50 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\BitTorrent
[2011/12/24 15:13:25 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Boilsoft
[2010/07/17 22:42:57 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\CCS64
[2010/10/06 13:28:15 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Clickteam
[2010/07/30 12:17:15 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/07/04 22:20:55 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\ESET
[2013/10/19 18:06:51 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\fltk.org
[2010/10/08 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Free Audio Editor
[2011/05/02 15:03:46 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\ICQ
[2010/06/18 09:47:03 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Lenovo
[2013/02/13 20:50:16 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Mestrelab Research S.L
[2013/02/25 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\My Battle for Middle-earth Files
[2012/06/24 21:24:27 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2011/12/26 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Nokia
[2011/05/15 11:29:06 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Octoshape
[2011/12/26 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\PC Suite
[2010/07/22 21:17:40 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Red Alert 3 Uprising
[2013/05/13 09:23:32 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Softland
[2010/06/25 18:47:58 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\tmplts
[2010/10/20 16:57:35 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 05:53:46 | 000,032,572 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2012/04/03 04:56:50 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013/11/27 21:42:46 | 000,000,894 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003Core1ceebb13a91d691.job
[2013/11/27 21:42:46 | 000,000,946 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003UA1ceebb13ad1ecd7.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2010/02/06 00:36:16 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2010/02/06 00:36:16 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012/08/22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013/01/04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013/07/06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013/07/06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012/03/30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013/05/08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013/09/07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012/03/30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010/06/14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012/08/22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\ERDNT\cache\tcpip.sys
[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013/01/04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011/06/21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2013/09/08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013/09/08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013/05/08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012/10/03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/10/03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012/03/30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/11/23 18:04:11 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\.minecraft
[2010/06/25 18:47:59 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\1C
[2013/08/09 20:02:14 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Adobe
[2010/06/24 12:55:55 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Advanced Chemistry Development
[2011/11/15 06:45:38 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Apple Computer
[2010/06/16 17:44:23 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\ArcSyncConfig
[2010/10/08 13:52:01 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Audacity
[2012/07/06 12:42:50 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\BitTorrent
[2011/12/24 15:13:25 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Boilsoft
[2010/07/17 22:42:57 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\CCS64
[2010/10/06 13:28:15 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Clickteam
[2010/07/30 12:17:15 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/02 21:26:49 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Corel
[2010/06/16 17:21:36 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\CyberLink
[2013/07/05 15:03:13 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\dvdcss
[2010/07/04 22:20:55 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\ESET
[2013/10/19 18:06:51 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\fltk.org
[2010/10/08 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Free Audio Editor
[2011/08/14 19:01:46 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Hamachi
[2011/05/02 15:03:46 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\ICQ
[2010/06/16 13:01:54 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Identities
[2010/06/16 13:04:09 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\InstallShield
[2010/06/18 09:47:03 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Lenovo
[2010/06/16 20:55:48 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Macromedia
[2013/12/24 09:45:35 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Malwarebytes
[2009/07/29 11:50:54 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Media Center Programs
[2010/07/07 10:18:31 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Media Player Classic
[2013/02/13 20:50:16 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Mestrelab Research S.L
[2013/04/14 14:15:46 | 000,000,000 | --SD | M] -- C:\Users\Turbo\AppData\Roaming\Microsoft
[2011/05/10 20:05:18 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Mozilla
[2013/02/25 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\My Battle for Middle-earth Files
[2012/06/24 21:24:27 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2012/12/21 14:58:18 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Nero
[2011/12/26 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Nokia
[2012/05/26 16:53:48 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\NVIDIA
[2011/05/15 11:29:06 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Octoshape
[2011/12/26 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\PC Suite
[2010/07/22 21:17:40 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Red Alert 3 Uprising
[2010/08/27 12:36:13 | 000,000,000 | RH-D | M] -- C:\Users\Turbo\AppData\Roaming\SecuROM
[2013/12/14 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Skype
[2012/03/10 17:12:54 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\skypePM
[2013/05/13 09:23:32 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Softland
[2010/06/25 18:47:58 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\tmplts
[2013/12/26 15:58:52 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\vlc
[2010/10/20 16:57:35 | 000,000,000 | ---D | M] -- C:\Users\Turbo\AppData\Roaming\Windows Live Writer

< %APPDATA%\*.exe /s >
[2010/12/18 15:28:20 | 000,010,134 | R--- | M] () -- C:\Users\Turbo\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2013/11/11 20:18:49 | 000,367,104 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\dxtmsft.dll
[2013/11/11 20:18:49 | 000,244,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\dxtrans.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\LocationApi.dll

< %systemroot%\Tasks\*.job >
[2013/12/26 16:11:00 | 000,000,830 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013/12/25 21:47:00 | 000,000,894 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003Core1ceebb13a91d691.job
[2013/12/26 15:47:49 | 000,000,946 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003UA1ceebb13ad1ecd7.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/10/07 19:15:15 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2013/11/11 20:18:49 | 000,367,104 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\dxtmsft.dll
[2013/11/11 20:18:49 | 000,244,736 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\dxtrans.dll
[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\LocationApi.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/12/26 10:46:55 | 000,015,792 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/26 10:46:55 | 000,015,792 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/23 21:03:56 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerApp.exe
[2013/12/23 21:03:56 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerCPLApp.cpl
[2013/12/26 10:39:43 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2005/03/18 01:53:30 | 000,065,172 | ---- | M] () -- \DUKE3D\highres\sprites\firstperson\2324_crackknuckles.md2
[2012/04/26 00:24:42 | 001,075,116 | ---- | M] () -- \DUKE3D\highres\sprites\firstperson\2324_crackknuckles.md3
[2005/03/26 18:51:00 | 000,140,211 | ---- | M] () -- \DUKE3D\highres\sprites\firstperson\2324_crackknuckles.png
[2012/04/26 00:24:42 | 000,089,820 | ---- | M] () -- \DUKE3D\highres\sprites\firstperson_polymost\2324_crackknuckles.md3
[2012/04/26 00:24:42 | 000,140,092 | ---- | M] () -- \DUKE3D\highres\sprites\firstperson_polymost\2324_crackknuckles.png
[2007/03/18 18:04:42 | 000,555,346 | ---- | M] () -- \Jazz Jackrabbit 2\Jazz2\cracking_ice.mod
[2009/12/19 12:45:08 | 000,003,460 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked1.png
[2009/12/19 12:45:08 | 000,003,675 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked2.png
[2009/12/19 12:45:08 | 000,004,107 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked3.png
[2009/12/19 12:45:08 | 000,003,529 | ---- | M] () -- \Program Files\Game_Maker8\Sprites\Maze - Platform\wall_block_cracked4.png
[2010/05/14 01:47:49 | 000,014,193 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D\UVAtlas\crackdecl.cpp
[2010/05/14 01:47:49 | 000,013,457 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D\UVAtlas\crackdecl.h
[2010/05/24 22:05:23 | 001,049,656 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\Media\misc\Crack_Displacement.bmp
[2010/05/24 22:05:23 | 003,145,784 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\Media\misc\Crack_Normal.bmp
[2005/09/22 11:18:52 | 000,032,927 | ---- | M] () -- \Program Files\R'n'D jue\sounds\jue0\nutcrack.wav
[2004/07/22 11:34:50 | 000,002,507 | ---- | M] () -- \Program Files\StatSoft\STATISTICA 8 CS\Examples\Datasets\Cracker promotion.sta
[2004/11/17 15:22:39 | 000,000,574 | ---- | M] () -- \Program Files\Steam\Half Life 2\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2004/11/17 15:22:39 | 000,022,064 | ---- | M] () -- \Program Files\Steam\Half Life 2\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2007/06/13 15:01:48 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2007/06/13 15:01:48 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2007/06/13 15:01:50 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2007/06/13 15:01:50 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2007/06/13 15:01:50 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2007/06/13 15:01:48 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2007/06/13 15:01:48 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2007/06/13 15:01:50 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2007/06/13 15:01:46 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2007/06/13 15:01:46 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2007/06/13 15:01:48 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2007/06/13 15:01:10 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2007/06/13 15:01:12 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2007/06/13 15:01:10 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2007/06/13 15:01:12 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2007/06/13 15:01:10 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2007/06/13 15:01:12 | 000,017,490 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2007/06/13 15:10:44 | 000,017,491 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapTile\MapObjects\_(AdvMapTile)\Sand\Sand_Cracked
[2006/09/21 15:21:18 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2006/09/21 15:21:16 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2006/09/21 15:21:18 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2006/09/21 15:21:16 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2006/09/26 13:04:34 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2006/09/21 15:21:14 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2006/09/27 19:47:30 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2006/09/26 13:04:36 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2006/09/21 15:21:16 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2006/09/27 16:23:02 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2006/09/21 15:21:12 | 000,017,493 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2006/09/21 13:29:28 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2006/09/21 13:29:32 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2006/09/21 13:29:40 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2006/09/21 13:29:28 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2006/09/21 13:29:28 | 000,017,494 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2006/09/21 13:29:38 | 000,017,490 | ---- | M] () -- \Program Files\Ubisoft\Heroes of Might and Magic V Collector Edition\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2011/12/17 12:31:52 | 017,659,399 | ---- | M] () -- \Users\Turbo\Desktop\Priecinky\Serialy\Annoying Orange\Annoying Orange - Nutcracker.mp4
[2009/05/13 18:46:34 | 000,081,772 | ---- | M] () -- \Users\Turbo\Documents\Electronic Arts\The Sims 3\Downloads\BH_Crackly Bathtub.Sims3Pack
[2009/04/13 21:46:05 | 000,165,623 | ---- | M] () -- \Users\Turbo\Documents\Electronic Arts\The Sims 3\Downloads\crackizzati muro.Sims3Pack

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011/07/18 13:16:43 | 000,009,767 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Turbo\AppData\Roaming\Mozilla\Firefox\Profiles\dku322xp.default\ConduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm.vir
[2002/10/31 09:31:44 | 000,032,768 | ---- | M] () -- \Program Files\Ballance\Plugins\VirtoolsLoaderR.dll
[2009/05/26 09:08:04 | 000,107,960 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\Inventory\ExcelLoader\CambridgeSoft.Inventory.LoaderSupport.exe
[2009/05/26 09:08:04 | 000,345,512 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\Inventory\ExcelLoader\ExcelInvLoader.exe
[2006/11/03 17:59:54 | 000,000,406 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\Inventory\ExcelLoader\ExcelInvLoader.exe.config
[2000/08/24 13:16:34 | 000,110,592 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2008/07/30 09:06:58 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2008/07/29 02:43:16 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2012/09/25 03:39:16 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2010/12/13 11:32:32 | 014,278,656 | ---- | M] () -- \Program Files\Free YouTube Downloader\YouTubeDownloader.exe
[2010/07/03 16:07:44 | 000,119,675 | ---- | M] () -- \Program Files\Free YouTube Downloader\YouTubeDownloader.ico
[2009/12/17 00:07:42 | 000,000,123 | ---- | M] () -- \Program Files\Game_Maker8\html\Loader.htm
[2009/12/17 00:30:00 | 000,006,111 | ---- | M] () -- \Program Files\Game_Maker8\html\Loader2.htm
[2011/01/11 21:33:58 | 000,056,416 | ---- | M] () -- \Program Files\Lenovo\YouCam\Koan\pyloader.dll
[2011/01/11 21:32:10 | 000,015,969 | ---- | M] () -- \Program Files\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2011/01/11 21:32:10 | 000,179,296 | ---- | M] () -- \Program Files\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2011/01/11 21:32:12 | 002,475,304 | ---- | M] () -- \Program Files\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2010/05/18 18:52:40 | 000,018,448 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D\MeshFromOBJ\MeshLoader.cpp

Blare
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 06 pro 2011 19:54

Re: Preventivka

#18 Příspěvek od Blare »

[2010/05/14 01:47:40 | 000,002,644 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D\MeshFromOBJ\MeshLoader.h
[2010/05/14 01:47:50 | 000,015,855 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\ContentStreaming\AsyncLoader.cpp
[2010/05/14 01:47:50 | 000,003,036 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\ContentStreaming\AsyncLoader.h
[2010/05/14 01:47:50 | 000,033,039 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\ContentStreaming\ContentLoaders.cpp
[2010/05/14 01:47:50 | 000,012,309 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\ContentStreaming\ContentLoaders.h
[2010/05/24 22:05:23 | 000,034,801 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\DDSWithoutD3DX\DDSTextureLoader.cpp
[2010/05/24 22:05:23 | 000,000,671 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\DDSWithoutD3DX\DDSTextureLoader.h
[2010/05/18 18:52:42 | 000,018,244 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\MeshFromOBJ10\MeshLoader10.cpp
[2010/05/14 01:47:54 | 000,003,174 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D10\MeshFromOBJ10\MeshLoader10.h
[2010/05/24 22:05:23 | 000,034,477 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D11\DDSWithoutD3DX11\DDSTextureLoader.cpp
[2010/05/24 22:05:23 | 000,000,671 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Samples\C++\Direct3D11\DDSWithoutD3DX11\DDSTextureLoader.h
[2010/06/02 12:36:06 | 000,002,310 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Utilities\Source\MeshConvert\Loader.cpp
[2010/05/14 01:49:03 | 000,000,911 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Utilities\Source\MeshConvert\Loader.h
[2010/05/14 01:49:03 | 000,007,606 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Utilities\Source\MeshConvert\LoaderXFile.cpp
[2010/05/14 01:49:03 | 000,000,852 | ---- | M] () -- \Program Files\Microsoft DirectX SDK (June 2010)\Utilities\Source\MeshConvert\LoaderXFile.h
[2006/10/24 11:05:10 | 000,014,184 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\ILoader.dll
[2006/10/24 11:06:52 | 000,047,976 | ---- | M] () -- \Program Files\Microsoft Small Business\Small Business Loader\Loader.dll
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\90\Tools\Binn\SqlResourceLoader.dll
[2005/10/14 03:49:48 | 000,017,624 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SqlResourceLoader.dll
[2011/10/17 13:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011/11/06 10:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2005/06/07 11:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010/12/14 14:29:29 | 000,001,969 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader\Free YouTube Downloader.lnk
[2011/01/23 11:57:40 | 000,001,323 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2013/12/08 18:16:27 | 000,001,911 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2013/03/26 13:13:12 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/03/26 13:13:12 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/03/26 13:13:12 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2006/09/23 02:34:28 | 000,040,960 | ---- | M] () -- \Python25\Lib\site-packages\isapi\PyISAPI_loader.dll
[2006/09/23 02:28:26 | 000,005,632 | ---- | M] () -- \Python25\Lib\site-packages\win32\_win32sysloader.pyd
[2010/12/14 14:29:29 | 000,001,969 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader\Free YouTube Downloader.lnk
[2011/01/23 11:57:40 | 000,001,323 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2013/12/08 18:16:27 | 000,001,911 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2013/03/26 13:13:12 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/03/26 13:13:12 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/03/26 13:13:12 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013/12/08 18:16:27 | 000,001,015 | ---- | M] () -- \Users\Public\Desktop\YTD Video Downloader.lnk
[2010/12/14 14:29:29 | 000,001,975 | ---- | M] () -- \Users\Turbo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
[2010/02/06 10:17:58 | 000,014,184 | ---- | M] () -- \Windows\assembly\GAC_32\ILoader\2.0.5201.0__31bf3856ad364e35\ILoader.dll
[2010/02/06 10:17:58 | 000,047,976 | ---- | M] () -- \Windows\assembly\GAC_32\Loader\2.0.5201.0__31bf3856ad364e35\Loader.dll
[2013/07/11 10:25:08 | 000,021,504 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\ILoader\0a0020bd6ea9d3a7359361b0ac44f533\ILoader.ni.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/06/10 14:42:32 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 05:56:40 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 05:56:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 05:56:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/02/23 11:50:15 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/02/23 11:50:15 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/02/23 11:50:15 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 03:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2010/02/06 00:36:13 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2010/02/06 00:36:13 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2009/05/26 09:06:54 | 000,017,312 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\BioAssay\BioAssay.XmlSerializers.dll
[2009/05/26 09:07:04 | 000,791,976 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\BioAssay\CambridgeSoft.BioAssay.DAL.XmlSerializers.dll
[2009/05/26 09:08:46 | 000,034,160 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\E-Notebook 12.0\bin\ENClient.XmlSerializers.dll
[2009/04/28 15:12:18 | 000,016,384 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\Inventory\Csla.XmlSerializers.dll
[2008/07/25 12:17:00 | 000,131,072 | ---- | M] () -- \Program Files\CambridgeSoft\ChemOffice2010\Inventory\DeployMolServerDBO\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013/10/09 06:58:37 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2006/01/26 23:44:04 | 000,000,612 | ---- | M] () -- \Program Files\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\EnumerateSerialPorts.snippet
[2006/01/26 23:44:04 | 000,001,198 | ---- | M] () -- \Program Files\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\ReadDatafromaSerialPort.snippet
[2006/01/26 23:44:04 | 000,001,512 | ---- | M] () -- \Program Files\Microsoft Visual Studio 9.0\VB\Snippets\1033\other\connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008/06/14 00:32:10 | 000,285,032 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[2006/06/01 11:23:03 | 000,200,704 | ---- | M] () -- \Program Files\Steam\Half-Life 2 Episode One\bin\dmserializers.dll
[2010/04/14 17:20:46 | 000,415,592 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010/04/14 17:20:46 | 000,141,168 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010/04/14 17:20:46 | 000,321,376 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Xml.Serialization.dll
[1999/09/02 10:33:40 | 000,003,121 | ---- | M] () -- \Python25\Lib\site-packages\pythonwin\pywin\Demos\ocx\ocxserialtest.py
[2011/12/09 23:06:07 | 000,004,929 | ---- | M] () -- \Python25\Lib\site-packages\pythonwin\pywin\Demos\ocx\ocxserialtest.pyc
[2011/12/09 23:06:10 | 000,004,929 | ---- | M] () -- \Python25\Lib\site-packages\pythonwin\pywin\Demos\ocx\ocxserialtest.pyo
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/14 07:29:55 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/14 09:29:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/11/27 08:25:17 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/11/27 08:25:17 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013/11/27 08:25:30 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll
[2013/11/27 08:25:30 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll.aux
[2013/11/27 21:47:50 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll
[2013/11/27 21:47:50 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll.aux
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008/06/02 07:01:28 | 000,009,272 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 15:27:26 | 000,054,536 | ---- | M] () -- \Windows\System32\SerialPortMonitor.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2013/12/25 11:39:24 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys.bak
[2009/07/14 03:09:30 | 000,010,240 | ---- | M] () -- \Windows\System32\drivers\en-US\serial.sys.mui
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2010/02/06 00:34:01 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010/02/06 00:34:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010/11/20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009/07/14 03:28:14 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 18:12:04 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:12:20 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2009/07/14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010/11/20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009/07/14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009/07/14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009/07/14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010/11/20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010/11/05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009/07/13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010/02/06 00:34:01 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009/07/14 03:09:30 | 000,010,240 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_07e2c405948a55f4\serial.sys.mui
[2009/07/14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009/07/13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009/06/10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010/11/05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C8B8CEBD

< End of report >

OTL Extras logfile created on: 26. 12. 2013 16:02:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Turbo\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,09% Memory free
5,98 Gb Paging File | 4,53 Gb Available in Paging File | 75,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 254,14 Gb Total Space | 39,42 Gb Free Space | 15,51% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 28,04 Gb Free Space | 96,72% Space Free | Partition Type: NTFS

Computer Name: TURBO-PC | User Name: Turbo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3825014317-2607772001-1910489964-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F47100-2690-4847-A8D7-E12F237978CB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0411292E-0261-4E9C-B4C8-7AFB93BBC129}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{19D6058B-B815-41C2-B82C-55640ECCAF8C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{225CEF2B-E439-4BA0-BC6E-599C3EC0CBB7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34DFBD17-E12D-43A8-BC19-F4F8DF33FBC1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{35A30AAB-1B1A-446A-BBF5-3BF615815F29}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3DCEF0F4-6213-4AC1-88AC-7B408CEEF6E6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{45B6A9EB-E3D7-4915-B22C-F56DE9E663AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47D2AF80-ACA9-479D-8649-E6A753CB951A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57DBC54E-1AD7-4FBD-A232-29C6C69F9E69}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6257EB80-DEBD-4807-8DA2-0AD0B224ED7A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C58EEF8-2CA8-48C1-B8E6-844246FE949F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73514738-B2AB-4DD6-A2C4-3842381A6DF4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{73A48FF0-F4A4-4547-B54E-B5836DC2BED7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{840A2B39-3442-4327-AEE1-167EDB78AD2D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8517731C-A1CC-4C75-BDCA-A00A71AB2501}" = rport=137 | protocol=17 | dir=out | app=system |
"{878071E5-9C8C-47CA-9EC8-709704F5532F}" = rport=139 | protocol=6 | dir=out | app=system |
"{8D012A85-16F7-4FFC-9AE1-F267E9B5B6DF}" = lport=138 | protocol=17 | dir=in | app=system |
"{98DAE93B-ABBA-45C9-B109-E1816A714D27}" = rport=445 | protocol=6 | dir=out | app=system |
"{9AA36AA2-3CBC-40F5-94DE-ACABADF20AE1}" = rport=138 | protocol=17 | dir=out | app=system |
"{9ADA10ED-5CDD-493A-A447-0A8AB846A99E}" = lport=139 | protocol=6 | dir=in | app=system |
"{9EA80963-51E8-4494-AD1E-BD970AB966F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A010F8EB-ABAF-43A1-BDDF-F5D5CA7B13D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A1F89A2D-7C23-428F-A767-817DCF66D905}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9352BD2-D26C-435E-A7A5-DA5ED5BD5B6F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AB7A22E8-BEAB-4D71-BFB2-F3F1498713D2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B2D081E6-86C0-483B-9B98-7587B22684D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B98E1E29-3D59-4720-BF4F-05874B125C36}" = lport=137 | protocol=17 | dir=in | app=system |
"{D16082B4-1DA1-4A11-BB0F-631EDB6C53FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{D504D1EB-F279-4464-A90E-EB08A5C8F103}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D52F40F9-C5D6-49EF-B0B7-5E6D5770A4A6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB6B77AE-87AA-4BAC-B694-D99027CE0D77}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E4176E19-8B4A-4F18-B424-0645D09A5183}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E60D7F60-99CA-4570-8065-7C119B37427C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E90D9FE2-418A-40CD-BFC3-4D06582968C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F2894D6C-49CD-4408-B86E-9D08A696ED59}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F5898A-1039-401A-B581-AA0599AEA2E6}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{0230B85A-E76B-4E1B-8A1F-7BAF5EE5166F}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{064E3013-9993-4564-93E1-4A8B96F3060F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0BD7FD15-E651-4303-BECD-F296FAA15A1E}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{0EC0A122-E2B5-460F-861C-33423C06D532}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{11321B8A-3E99-494D-8262-47AAD07F8286}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18EE7E23-350E-4FC6-8412-C404D8BD4847}" = protocol=6 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"{1923E97C-3942-4C66-A076-85074BB30BB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19FF1E87-EFD3-42AF-9C87-559C214EC5F8}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{1FB2FD44-C8F1-451D-8114-F452819582E8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{205E89FB-3B0A-4106-A704-E4E854AD65AA}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{22CB49EE-251A-46B0-8B13-AC5AD66F5080}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{239B280D-DDF2-42AA-A365-6D9DE449ED22}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{268E8291-DDF1-46B9-947C-D0A58858901C}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{2749187F-8517-4665-A48A-6CF966FD01AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{27E96207-ACAA-414E-8F33-B56BB3B72E8E}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{29D03098-7204-409A-B769-87084E3EBEFB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37571D2C-1E05-4F26-B843-3C07EA858459}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3A889570-4D7C-4DF6-8979-17D80AC04CD8}" = protocol=6 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{3EB7F296-CED5-45C9-A7FD-5D17D11DFBF8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{59EBEAF3-1811-4354-A3DC-53E56AC8C84A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A12EDE4-AE64-4C72-BE7A-E33738DAD311}" = protocol=17 | dir=in | app=c:\program files\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{68315A0E-BF53-403F-957B-170CEE4AEF2A}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{68CC3792-F464-433A-B652-2761E8BD1080}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{6AC46316-6684-4BCD-8D64-06D3458B12D9}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{7892BB98-DDE2-4BAD-B04E-0700CFE68E4B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{792583E1-0DEA-4336-A650-8B95C4BF0169}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{79D6B5E3-E2B6-46C8-B1CA-E6C50E120D8D}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{8D45D89C-2749-49EA-95C5-42C5C9F71801}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{91DF7294-B06B-418D-B44F-30DB1614F6A2}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A0C55A90-66A0-4A49-A61E-30695026832D}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{A58A7D52-743C-4B2D-81B8-550D6921791A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BBBA755E-1FEE-45F1-A69A-BD1718738A6A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF02C384-3D73-4E4C-9F93-76ED04A66665}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{C70F1291-DDD9-402B-B9BC-7A9B476C1F10}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{C86CD6EE-C480-4AB5-AF1B-3F62A58DD1D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CAF488CB-20DA-4BAC-96F9-81F26AB910AF}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{CE933598-70D0-4A0D-9864-3A9BEED0D118}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe |
"{D24E962B-A3C4-4A14-AB20-F6FD3BE70333}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DB60D335-EC6C-4128-9C46-2558172F9FA7}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{E1C25A38-407F-4E33-960F-2CBCC517DC88}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{EB98267C-C7F5-4C1C-B51A-6FEED42AD925}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED378174-D806-4CFA-89A6-252C59406079}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{F00172FD-7C6F-4D9A-9D3F-9BD61A36C1CF}" = protocol=6 | dir=out | app=system |
"{F6D15BFB-AF94-4F67-A265-FC6D39F53950}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FCAD275A-BB86-4028-B3AF-505DDCC77909}" = protocol=17 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"TCP Query User{2D9A73C6-F2C2-49D2-B12B-65AE9906F68F}C:\program files\spectromancer - truth and beauty\spectromancer.exe" = protocol=6 | dir=in | app=c:\program files\spectromancer - truth and beauty\spectromancer.exe |
"TCP Query User{5E915F93-D3D9-438F-8D2A-63A9C6E5CD7D}C:\program files\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files\valve\portal 2\portal2.exe |
"TCP Query User{99F88996-1005-4812-97C3-EAFEB86C6746}C:\program files\3do\heroes 3 complete\heroes3.exe" = protocol=6 | dir=in | app=c:\program files\3do\heroes 3 complete\heroes3.exe |
"TCP Query User{9B1A8A25-13FE-45D1-8575-AA8B4BB31FBF}C:\program files\steam\half life 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\half life 2\hl2.exe |
"TCP Query User{A4B6B51B-A014-4665-B4AC-1637F2EBCAB4}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{C11E250E-C7DC-41F6-9ED1-32207AB7FF6D}C:\program files\lenovo\lenovo directshare\directshare.exe" = protocol=6 | dir=in | app=c:\program files\lenovo\lenovo directshare\directshare.exe |
"TCP Query User{EBD98773-FBC7-4979-8ECA-ADBB8B0C74CF}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{F7194E83-1B0B-4FE5-9A2D-CD14F607907A}C:\program files\jowood\spellforce\spellforce.exe" = protocol=6 | dir=in | app=c:\program files\jowood\spellforce\spellforce.exe |
"UDP Query User{22908780-17E0-4699-99F3-E7E152347229}C:\program files\lenovo\lenovo directshare\directshare.exe" = protocol=17 | dir=in | app=c:\program files\lenovo\lenovo directshare\directshare.exe |
"UDP Query User{5156B2DA-CCF5-407F-8E90-06170DA5ACD3}C:\program files\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files\valve\portal 2\portal2.exe |
"UDP Query User{65968CEF-2426-4F45-A9A3-8F2711674CF8}C:\program files\3do\heroes 3 complete\heroes3.exe" = protocol=17 | dir=in | app=c:\program files\3do\heroes 3 complete\heroes3.exe |
"UDP Query User{67DD6363-72A1-4CC7-B7D4-3B38735D1508}C:\program files\steam\half life 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\half life 2\hl2.exe |
"UDP Query User{73F0874C-8B58-49DF-A9DF-A88C69A17D5E}C:\program files\jowood\spellforce\spellforce.exe" = protocol=17 | dir=in | app=c:\program files\jowood\spellforce\spellforce.exe |
"UDP Query User{B58A9BEB-FDB2-4C70-81DB-96A1C383C766}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{EA64FDCC-7420-4A41-B7B1-319E71EE5990}C:\program files\spectromancer - truth and beauty\spectromancer.exe" = protocol=17 | dir=in | app=c:\program files\spectromancer - truth and beauty\spectromancer.exe |
"UDP Query User{EBCBD165-38E5-4976-821B-65ADCF76C935}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0AC416C3-A600-4A98-B5E1-A629498241DB}" = Adobe Illustrator 10 Tryout
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3AB4E8CB-3321-4D43-8A59-885338A6EBF9}" = STATISTICA 8.0.725.0 CS
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E4FA4B-9376-4C32-AA46-65FCC0087CD5}" = Windows Live Remote Service Resources
"{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}" = Ballance
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8874FD36-7C9D-4573-8956-E368D6753D90}" = Worms 3D
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AC01A0D-42B6-4A55-AD7A-A545A7AE5364}" = Enclave
"{8C363CB9-9F31-4349-8491-762C42D3FDFB}" = CambridgeSoft Desktop Inventory 12.0
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{962E05CF-3394-496D-0091-850CF1762F6B}" = The Battle for Middle-earth (tm)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A1E1083D-249D-483C-AD92-CDCFA230A4C7}" = STATISTICA CambridgeSoft Integration
"{A27DED03-CADE-4847-97D8-B198A8E57F3E}" = Windows Live Family Safety
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.1.58
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 301.42
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B52ACD93-EC14-4DC7-A95F-10B0F4BA4A42}" = ESET Smart Security
"{B536CA63-8BB3-4027-A495-84DD9FED17EC}" = Windows Live Sync
"{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}" = CCS64 V3.8
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D06EF6C2-62D8-4308-897E-B20FE81712B4}" = CambridgeSoft ChemBioOffice Ultra 2010
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E145D9BE-D521-4527-A85D-2B2D47725506}" = CambridgeSoft ChemScript 12.0
"{E1629C45-9CEF-498E-83CD-D6A09CADA176}" = Windows Live Remote Client Resources
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}" = CambridgeSoft Activation Client
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECE4289B-68C8-4D30-9C65-84CC2052CCFF}" = CambridgeSoft BioAssay 12.0
"{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F596E368-2A1D-4896-AB37-C81BFA4DD011}" = CambridgeSoft ENotebook 12.0.1
"{F68563C0-2CCD-4799-A014-017A370D627B}" = Sběratelská edice Heroes of Might and Magic V
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = Lenovo EasyCamera
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"2004BB9EB6CEA02846881BEF1F51C11F7A90C9D6" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"ACDLabs in C__Program_Files_ACDFREE12_" = ACD/Labs Software in C:\Program Files\ACDFREE12\
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"B7541EC5F72AA713F557569278EB6273725F5607" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"Cities XL 2011" = Cities XL 2011
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Cogs 1.3" = Cogs 1.3
"ČSN ISO 690:2011" = ČSN ISO 690:2011 0.5
"doPDF 7 printer_is1" = doPDF 7.3 printer
"EDuke32" = EDuke32 1.4.0 beta 2
"Elantech" = ETDWare PS/2-x86 7.0.4.13_WHQL
"Game Maker 8.0" = Game Maker 8.0
"Gothic II" = Gothic II
"Heroes of Might and Magic III Complete" = Heroes of Might and Magic III Complete
"Hospital" = Theme Hospital
"Chaser" = Chaser
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"KolejNET" = KolejNET
"Legacy of Kain: Defiance" = Legacy of Kain: Defiance 1.0
"MestReNova LITE" = MestReNova LITE 5.2.5-4731
"Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Postal 2" = Postal 2
"Postal 2_is1" = Portal 2
"PROHYBRIDR" = 2007 Microsoft Office system
"PROR" = Microsoft Office Professional 2007
"pywin32-py2.5" = Python 2.5 pywin32-210
"R'n'D jue_is1" = R'n'D jue 3.3.0.0
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.4 for Windows
"Sierra Utilities" = Sierra Utilities
"SpellForce" = SpellForce
"STATNOVAPDF_is1" = STATNOVAPDF (novaPDF Professional Server 5.4 printer)
"SystemRequirementsLab" = System Requirements Lab
"VeriFace" = VeriFace
"VLC media player" = VLC media player 2.0.8
"Warcraft III" = Warcraft III
"Warzone 2100" = Warzone 2100
"Warzone 2100-2.3.9" = Warzone 2100-2.3.9
"Warzone 2100-3.1_rc3" = Warzone 2100-3.1_rc3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3825014317-2607772001-1910489964-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11. 12. 2013 9:43:10 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 12. 2013 10:22:58 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 12. 2013 10:22:58 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12. 12. 2013 2:03:44 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12. 12. 2013 2:03:44 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12. 12. 2013 9:21:48 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12. 12. 2013 9:21:48 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12. 12. 2013 15:47:31 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 12. 12. 2013 15:47:31 | Computer Name = Turbo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 14. 12. 2013 9:29:05 | Computer Name = Turbo-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: WorldOfGoo.exe, verzia: 0.0.0.0, časová
značka: 0x48efdacc Názov chybového modulu: WorldOfGoo.exe, verzia: 0.0.0.0, časová
značka: 0x48efdacc Kód výnimky: 0xc0000005 Odstup chyby: 0x00088a43 Identifikácia
chybného procesu: 0x1398 Čas spustenia chybnej aplikácie: 0x01cef8d07442b7e7 Cesta
chybnej aplikácie: C:\Program Files\WorldOfGoo\WorldOfGoo.exe Cesta chybného modulu:
C:\Program Files\WorldOfGoo\WorldOfGoo.exe Identifikácia hlásenia: b39234f7-64c3-11e3-a0a2-705ab655c577

[ Media Center Events ]
Error - 12. 8. 2010 11:58:36 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 17:58:36 - Chyba pripájania na Internet. 17:58:36 - Nebolo možné
spojiť sa so serverom..

Error - 12. 8. 2010 11:58:45 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 17:58:41 - Chyba pripájania na Internet. 17:58:41 - Nebolo možné
spojiť sa so serverom..

Error - 12. 8. 2010 12:58:49 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 18:58:49 - Chyba pripájania na Internet. 18:58:49 - Nebolo možné
spojiť sa so serverom..

Error - 12. 8. 2010 12:58:55 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 18:58:54 - Chyba pripájania na Internet. 18:58:54 - Nebolo možné
spojiť sa so serverom..

Error - 12. 8. 2010 13:59:00 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 19:59:00 - Chyba pripájania na Internet. 19:59:00 - Nebolo možné
spojiť sa so serverom..

Error - 12. 8. 2010 13:59:05 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 19:59:05 - Chyba pripájania na Internet. 19:59:05 - Nebolo možné
spojiť sa so serverom..

Error - 13. 8. 2010 11:29:20 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 17:29:20 - Chyba pripájania na Internet. 17:29:20 - Nebolo možné
spojiť sa so serverom..

Error - 13. 8. 2010 11:29:31 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 17:29:26 - Chyba pripájania na Internet. 17:29:26 - Nebolo možné
spojiť sa so serverom..

Error - 14. 8. 2010 3:38:54 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 9:38:54 - Chyba pripájania na Internet. 9:38:54 - Nebolo možné
spojiť sa so serverom..

Error - 14. 8. 2010 3:39:05 | Computer Name = Turbo-PC | Source = MCUpdate | ID = 0
Description = 9:38:59 - Chyba pripájania na Internet. 9:38:59 - Nebolo možné
spojiť sa so serverom..

[ OSession Events ]
Error - 10. 11. 2010 13:42:19 | Computer Name = Turbo-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 57
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12. 5. 2013 7:41:11 | Computer Name = Turbo-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11428
seconds with 10080 seconds of active time. This session ended with a crash.

Error - 12. 5. 2013 7:47:44 | Computer Name = Turbo-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 379
seconds with 360 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25. 12. 2013 16:05:33 | Computer Name = Turbo-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: sfdrv01 sfsync02

Error - 25. 12. 2013 16:07:38 | Computer Name = Turbo-PC | Source = Service Control Manager | ID = 7038
Description = Službe nvUpdatusService sa nepodarilo s aktuálne nakonfigurovaným
heslom prihlásiť ako .\UpdatusUser kvôli nasledujúcej chybe: %%1330 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management
Console).

Error - 25. 12. 2013 16:07:38 | Computer Name = Turbo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NVIDIA Update Service Daemon zlyhalo kvôli nasledujúcej
chybe: %%1069

Error - 26. 12. 2013 5:39:14 | Computer Name = Turbo-PC | Source = Application Popup | ID = 875
Description = Driver sfsync02.sys has been blocked from loading.

Error - 26. 12. 2013 5:39:15 | Computer Name = Turbo-PC | Source = Application Popup | ID = 875
Description = Driver sfdrv01.sys has been blocked from loading.

Error - 26. 12. 2013 5:39:37 | Computer Name = Turbo-PC | Source = Application Popup | ID = 875
Description = Driver atksgt.sys has been blocked from loading.

Error - 26. 12. 2013 5:39:37 | Computer Name = Turbo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby atksgt zlyhalo kvôli nasledujúcej chybe: %%1275

Error - 26. 12. 2013 5:39:42 | Computer Name = Turbo-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
zlyhali pri načítaní: sfdrv01 sfsync02

Error - 26. 12. 2013 5:41:49 | Computer Name = Turbo-PC | Source = Service Control Manager | ID = 7038
Description = Službe nvUpdatusService sa nepodarilo s aktuálne nakonfigurovaným
heslom prihlásiť ako .\UpdatusUser kvôli nasledujúcej chybe: %%1330 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management
Console).

Error - 26. 12. 2013 5:41:49 | Computer Name = Turbo-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby NVIDIA Update Service Daemon zlyhalo kvôli nasledujúcej
chybe: %%1069


< End of report >

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivka

#19 Příspěvek od Márty84 »

:!: Vypnete antivir, at nebrani programu v praci!
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
SkypeUpdate
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003Core1ceebb13a91d691.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003UA1ceebb13ad1ecd7.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003\..\SearchScopes\{5F3BEBD5-F6C6-A4B8-EDD2-A6F5F61813A8}: "URL" = http://www.buzqo.com/s/?q={searchTerms}&iesrc={referrer:source?}&cfg=2-401-0-2xDj3
O4 - HKU\S-1-5-21-3825014317-2607772001-1910489964-1003..\Run: [] File not found
[9 C:\Users\Turbo\Documents\*.tmp files -> C:\Users\Turbo\Documents\*.tmp -> ]
[5 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C8B8CEBD

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
""=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Blare
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 06 pro 2011 19:54

Re: Preventivka

#20 Příspěvek od Blare »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Blare
->Temp folder emptied: 50311 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Turbo
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 8783 bytes
->Java cache emptied: 14489039 bytes
->FireFox cache emptied: 376582428 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 8630 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: user
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31510 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 373,00 mb


[EMPTYFLASH]

User: All Users

User: Blare
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: TEMP
->Flash cache emptied: 0 bytes

User: Turbo
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Flash cache emptied: 0 bytes

User: user

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003Core1ceebb13a91d691.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3825014317-2607772001-1910489964-1003UA1ceebb13ad1ecd7.job moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3825014317-2607772001-1910489964-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3825014317-2607772001-1910489964-1003\Software\Microsoft\Internet Explorer\SearchScopes\{5F3BEBD5-F6C6-A4B8-EDD2-A6F5F61813A8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F3BEBD5-F6C6-A4B8-EDD2-A6F5F61813A8}\ not found.
Registry value HKEY_USERS\S-1-5-21-3825014317-2607772001-1910489964-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Turbo\Documents\FAP1C97.tmp deleted successfully.
C:\Users\Turbo\Documents\FAP5DBD.tmp deleted successfully.
C:\Users\Turbo\Documents\FAPB7D3.tmp deleted successfully.
C:\Users\Turbo\Documents\FAPB95D.tmp deleted successfully.
C:\Users\Turbo\Documents\FAPCAD0.tmp deleted successfully.
C:\Users\Turbo\Documents\FAPCFD3.tmp deleted successfully.
C:\Users\Turbo\Documents\FAPD06B.tmp deleted successfully.
C:\Users\Turbo\Documents\FAPD8BF.tmp deleted successfully.
C:\Users\Turbo\Documents\FAPD94F.tmp deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4FE4.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C81.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP77FF.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD2F8.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEFFA.tmp\System.AddIn.Contract.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEFFA.tmp folder deleted successfully.
C:\windows\Installer\MSID8B.tmp deleted successfully.
ADS C:\windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\ProgramData\Temp:C8B8CEBD deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12262013_171637

Files\Folders moved on Reboot...
C:\Users\Turbo\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivka

#21 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

:arrow: Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

:arrow: Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

:arrow: Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak je na tom pc.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Blare
Návštěvník
Návštěvník
Příspěvky: 33
Registrován: 06 pro 2011 19:54

Re: Preventivka

#22 Příspěvek od Blare »

Myslim, ze slape ako novy :). Diki moc! Bol az tak zavireny?

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Preventivka

#23 Příspěvek od Márty84 »

No nejaka ta havet tam byla a jinak brzdy a zbytecnosti.

Pokud je tedy jako novy :D , mame hotovo a muzem to uzavrit.

Nemate zac! :)

Mejte se a treba zase nekdy :bye:

:closed:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Zamčeno