PC-HELP.CZ

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:12:30, on 24. 12. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Lam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BAD0226-4627-422F-B092-A25EE250FE75}: NameServer = 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9583 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

===================================================

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

====================================================

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Mbam:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.23.05

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Lam :: MANTIK [administrátor]

24. 12. 2013 13:57:31
mbam-log-2013-12-24 (13-57-31).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 236642
Uplynulý čas: 3 minut, 39 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Adw:
# AdwCleaner v3.016 - Report created 24/12/2013 at 14:09:07
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Lam - MANTIK
# Running from : C:\Users\Lam\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\user.js
File Found : C:\WINDOWS\System32\Tasks\NCH Software
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\e22zqdjjlmc@o-lu.com
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\e22zqdjjlmc@o-lu.com
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\e22zqdjjlmc@o-lu.com
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\kvqlbu@mzuzqja.com
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\kvqlbu@mzuzqja.com
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\kvqlbu@mzuzqja.com
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\os8-eaie@ftn-j.net
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\os8-eaie@ftn-j.net
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\os8-eaie@ftn-j.net
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\pzlf4t@gdxg-.co.uk
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\pzlf4t@gdxg-.co.uk
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\pzlf4t@gdxg-.co.uk
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\uit6yo@eaeorueeeieu.org
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\uit6yo@eaeorueeeieu.org
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\uit6yo@eaeorueeeieu.org
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\ynsqe5ixo9@baogpyivowr.co.uk
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\ynsqe5ixo9@baogpyivowr.co.uk
Folder Found : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\ynsqe5ixo9@baogpyivowr.co.uk
Folder Found C:\Program Files (x86)\hosts
Folder Found C:\Program Files (x86)\LiveSupport
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\outobox
Folder Found C:\Program Files (x86)\Search-NewTab
Folder Found C:\Program Files (x86)\Vaudixx
Folder Found C:\Program Files (x86)\YoutubeAdblocker
Folder Found C:\ProgramData\NCH Software
Folder Found C:\ProgramData\QuickSet
Folder Found C:\ProgramData\Suref aNd keep
Folder Found C:\ProgramData\surf aNd keep
Folder Found C:\ProgramData\Vaudixx
Folder Found C:\ProgramData\WinterSoft
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\Users\Lam\AppData\Local\Mobogenie
Folder Found C:\Users\Lam\AppData\Local\Pokki
Folder Found C:\Users\Lam\AppData\Local\thinstall
Folder Found C:\Users\Lam\AppData\Roaming\thinstall
Folder Found C:\Users\Lam\Documents\Mobogenie

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Lam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.dosearches.com/?utm_source=b ... 1384256040 )
Shortcut Found : C:\Users\Lam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.dosearches.com/?utm_source=b ... 1384256040 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b ... 1384256040
Key Found : HKCU\Software\AppDataLow\Software\hosts
Key Found : HKCU\Software\Popajar
Key Found : HKCU\Software\SmileysWeLove
Key Found : [x64] HKCU\Software\Popajar
Key Found : [x64] HKCU\Software\SmileysWeLove
Key Found : HKLM\SOFTWARE\Classes\and
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\Software\hosts
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1f265c0f-b457-431c-b860-178ae338792f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35c60f99-ae77-4499-a9ce-90b8ac96ac65}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66195f65-c2cc-432c-babc-19fb4d5480e4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f01086c0-e8dc-4079-b146-52755d5b5634}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5e5d7ae-983a-4685-bb91-e780660a2f7e}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.dosearches.com/?utm_source=b ... 1384256040
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.dosearches.com/?utm_source=b ... 1384256040

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\prefs.js ]

Line Found : user_pref("browser.startup.homepage", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=wpc&utm_campaign=rg&utm_content=hp&from=wpc&uid=ST1000LM024XHN-M101MBB_S2U5J9FCB27584&ts=1384256040");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationThankYouPage", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationTime", 1372328197);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.searchUserConifrmation", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setHomepage", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setNewTab", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setSearch", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.active", true);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.addressbar", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.addressbarenhanced", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncdb_dbWasSet", true);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncinternaldb_dbWasSet", true);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.backgroundver", 4);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.can_run_bg_code", true);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.certdomaininstaller", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.changeprevious", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallationTime.value", "1372328197");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.rules.expiration", "Sun Jul 07 2013 11:57:42 GMT+0200");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.rules.value", "%22%23%20CZ%5Cn%22");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.description", "hosts");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.domain", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.enablesearch", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.homepage", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.iframe", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%225BF3070D5DE34459B937D1CC09F98[...]
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_appVer.value", "16");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_lastVersion.value", "12");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_meta.value", "%7B%7D");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_nextCheck.expiration", "Thu Jul 04 2013 12:39:30 GMT+0200");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_nextCheck.value", "true");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_queue.value", "%7B%7D");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.manifesturl", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.name", "hosts");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.newtab", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.opensearch", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_1.name", "base");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_1.ver", 6);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSele[...]
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_13.ver", 3);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;[...]
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_14.ver", ;
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_16.ver", 9);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_17.name", "jQuery");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_17.ver", 4);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_21.name", "debug");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_21.ver", 4);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_22.name", "resources");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_22.ver", 4);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_28.name", "initializer");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_28.ver", 3);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_4.name", "jquery_1_7_1");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_4.ver", 4);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_47.name", "resources_background");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_47.ver", 3);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(type[...]
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.name", "appApiMessage");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.ver", 2);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var d={WRON[...]
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.name", "appApiValidation");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.ver", 3);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefin[...]
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_78.ver", 3);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=functio[...]
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.name", "omniCommands");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.ver", 2);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,28");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/35382/plugins/091/ff/plugins.json");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.pluginsversion", 1);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.publisher", "DownLite");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.searchstatus", 0);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.setnewtab", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.thankyou", "");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.updateinterval", 360);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.ver", 16);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.adsOldValue", -1);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.apps", "35382");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.bic", "13f8523ef9292240920bf69dfd4d87a0");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.cid", 35382);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.firstrun", false);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.hadappinstalled", true);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.installationdate", 1372328292);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.lastcheck", 22881880);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.lastcheckitem", 22882209);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.modetype", "production");
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.reportInstall", true);
Line Found : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.statsDailyCounter", 20);
Line Found : user_pref("extensions.llkGuYwRn.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};try{new function(){if(null==document.getElementById(\"id_arrrrppdjafklbvnn4440[...]
Line Found : user_pref("extensions.wyMjl_jlg.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};try{new function(){if(null==document.getElementById(\"id_arrrrppdjafklbvnn4440[...]

*************************

AdwCleaner[R2].txt - [24532 octets] - [24/12/2013 14:09:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [24593 octets] ##########


JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 x64
Ran by Lam on Łt 24. 12. 2013 at 14:17:40,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smallfrogs studio
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}



~~~ Files

Successfully disinfected: [Shortcut] C:\Users\Lam\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Lam\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Lam\appdata\local\thinstall"
Failed to delete: [Folder] "C:\Program Files (x86)\hosts"
Failed to delete: [Folder] "C:\Program Files (x86)\livesupport"
Failed to delete: [Folder] "C:\Program Files (x86)\search-newtab"



~~~ FireFox

Successfully deleted: [File] C:\Users\Lam\AppData\Roaming\mozilla\firefox\profiles\jgia5n34.default\user.js
Successfully deleted the following from C:\Users\Lam\AppData\Roaming\mozilla\firefox\profiles\jgia5n34.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=wpc&utm_campaign=rg&utm_content=hp&from=wpc&uid=ST1000LM024XHN-M101MBB_S2U5J9FCB27584
user_pref("extensions.llkGuYwRn.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};try{new function(){if(null==document.getElementById(\
user_pref("extensions.wyMjl_jlg.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};try{new function(){if(null==document.getElementById(\



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 24. 12. 2013 at 14:20:31,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

# AdwCleaner v3.016 - Report created 25/12/2013 at 16:11:24
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Lam - MANTIK
# Running from : C:\Users\Lam\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\WinterSoft
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\Suref aNd keep
Folder Deleted : C:\ProgramData\surf aNd keep
Folder Deleted : C:\ProgramData\Vaudixx
Folder Deleted : C:\Program Files (x86)\LiveSupport
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\outobox
Folder Deleted : C:\Program Files (x86)\Search-NewTab
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\hosts
Folder Deleted : C:\Program Files (x86)\Vaudixx
Folder Deleted : C:\Users\Lam\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Lam\AppData\Local\Pokki
Folder Deleted : C:\Users\Lam\Documents\Mobogenie
Folder Deleted : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\e22zqdjjlmc@o-lu.com
Folder Deleted : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\kvqlbu@mzuzqja.com
Folder Deleted : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\os8-eaie@ftn-j.net
Folder Deleted : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\pzlf4t@gdxg-.co.uk
Folder Deleted : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\uit6yo@eaeorueeeieu.org
Folder Deleted : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\Extensions\ynsqe5ixo9@baogpyivowr.co.uk
File Deleted : C:\WINDOWS\System32\Tasks\NCH Software

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Lam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\and
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1f265c0f-b457-431c-b860-178ae338792f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35c60f99-ae77-4499-a9ce-90b8ac96ac65}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66195f65-c2cc-432c-babc-19fb4d5480e4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f01086c0-e8dc-4079-b146-52755d5b5634}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5e5d7ae-983a-4685-bb91-e780660a2f7e}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKCU\Software\AppDataLow\Software\hosts
Key Deleted : HKLM\Software\hosts
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\prefs.js ]

Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationThankYouPage", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationTime", 1372328197);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.searchUserConifrmation", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setHomepage", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setNewTab", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.InstallationUserSettings.setSearch", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.active", true);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.addressbar", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.addressbarenhanced", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.backgroundver", 4);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.can_run_bg_code", true);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.certdomaininstaller", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.changeprevious", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallationTime.value", "1372328197");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.rules.expiration", "Sun Jul 07 2013 11:57:42 GMT+0200");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.cookie.rules.value", "%22%23%20CZ%5Cn%22");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.description", "hosts");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.domain", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.enablesearch", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.homepage", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.iframe", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%225BF3070D5DE34459B937D1CC09F98[...]
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_appVer.value", "16");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_lastVersion.value", "12");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_nextCheck.expiration", "Thu Jul 04 2013 12:39:30 GMT+0200");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.manifesturl", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.name", "hosts");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.newtab", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.opensearch", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_1.name", "base");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_1.ver", 6);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSele[...]
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_13.ver", 3);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;[...]
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_14.ver", ;
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_16.ver", 9);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_17.name", "jQuery");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_17.ver", 4);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_21.name", "debug");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_21.ver", 4);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_22.name", "resources");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_22.ver", 4);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_28.name", "initializer");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_28.ver", 3);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_4.name", "jquery_1_7_1");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_4.ver", 4);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_47.name", "resources_background");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_47.ver", 3);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(type[...]
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.name", "appApiMessage");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_64.ver", 2);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var d={WRON[...]
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.name", "appApiValidation");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_72.ver", 3);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefin[...]
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_78.ver", 3);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=functio[...]
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.name", "omniCommands");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins.plugin_98.ver", 2);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,28");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/35382/plugins/091/ff/plugins.json");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.pluginsversion", 1);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.publisher", "DownLite");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.searchstatus", 0);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.setnewtab", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.thankyou", "");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.updateinterval", 360);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.35382.ver", 16);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.adsOldValue", -1);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.apps", "35382");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.bic", "13f8523ef9292240920bf69dfd4d87a0");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.cid", 35382);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.firstrun", false);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.hadappinstalled", true);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.installationdate", 1372328292);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.lastcheck", 22881880);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.lastcheckitem", 22882209);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.modetype", "production");
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.reportInstall", true);
Line Deleted : user_pref("extensions.a05dd836e2cbd42049ff32f8a8665967da8876730fb0c4057a2fcf9c09d438e81com35382.statsDailyCounter", 20);
Line Deleted : user_pref("extensions.llkGuYwRn.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};window.top==window.self&&\"undefined\"==typeof __yael_running&&(window.__yael_[...]
Line Deleted : user_pref("extensions.wyMjl_jlg.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};try{new function(){if(null==document.getElementById(\"id_arrrrppdjafklbvnn4440[...]

*************************

AdwCleaner[R3].txt - [24767 octets] - [24/12/2013 14:15:49]
AdwCleaner[R4].txt - [24083 octets] - [25/12/2013 16:10:16]
AdwCleaner[S2].txt - [20961 octets] - [25/12/2013 16:11:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [21022 octets] ##########


RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Lam [Práva správce]
Mód : Kontrola -- Datum : 12/25/2013 16:19:35
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] RTFTrack.exe -- C:\Windows\RTFTrack.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SECU][PUM] HKLM\[...]\Wow6432Node\[...]\Security Center : UpdatesDisableNotify (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 3a06b487acf4bf97269bed8003ca0af6
[BSP] 2f386bd92e59708bb6f43c5c6293f66d : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_12252013_161935.txt >>

16:20:33.0446 4664 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:20:33.0446 4664 UEFI system
16:20:42.0791 4664 ============================================================
16:20:42.0791 4664 Current date / time: 2013/12/25 16:20:42.0791
16:20:42.0791 4664 SystemInfo:
16:20:42.0791 4664
16:20:42.0791 4664 OS Version: 6.2.9200 ServicePack: 0.0
16:20:42.0791 4664 Product type: Workstation
16:20:42.0791 4664 ComputerName: MANTIK
16:20:42.0791 4664 UserName: Lam
16:20:42.0791 4664 Windows directory: C:\WINDOWS
16:20:42.0791 4664 System windows directory: C:\WINDOWS
16:20:42.0791 4664 Running under WOW64
16:20:42.0791 4664 Processor architecture: Intel x64
16:20:42.0791 4664 Number of processors: 4
16:20:42.0791 4664 Page size: 0x1000
16:20:42.0791 4664 Boot type: Normal boot
16:20:42.0791 4664 ============================================================
16:20:43.0228 4664 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:20:43.0244 4664 ============================================================
16:20:43.0244 4664 \Device\Harddisk0\DR0:
16:20:43.0244 4664 GPT partitions:
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1E3364D7-8022-44E3-B3EF-D64521431DB5}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D9823BFD-D95E-49AC-8905-81AE749698D0}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {56D02F76-3CEC-491B-826F-42CFAE718C5C}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8783C73F-7B03-4AE7-904B-3CB971A4BEC8}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DA717B7E-DE89-49EC-A0A1-53604794211D}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6E7AD000
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {05B04B98-5772-44C6-B0A4-2AF9427D14C4}, Name: , StartLBA 0x6EC57800, BlocksNum 0xAF000
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F49C3789-4E7A-44A6-A823-E8E97227B0AC}, Name: Basic data partition, StartLBA 0x6ED06800, BlocksNum 0x3200000
16:20:43.0244 4664 \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {77EFD5F9-F88F-4848-9753-33BE95C569DB}, Name: Basic data partition, StartLBA 0x71F06800, BlocksNum 0x2800000
16:20:43.0244 4664 MBR partitions:
16:20:43.0244 4664 ============================================================
16:20:43.0275 4664 C: <-> \Device\Harddisk0\DR0\Partition5
16:20:43.0400 4664 D: <-> \Device\Harddisk0\DR0\Partition7
16:20:43.0400 4664 ============================================================
16:20:43.0400 4664 Initialize success
16:20:43.0400 4664 ============================================================
16:20:45.0353 2140 ============================================================
16:20:45.0353 2140 Scan started
16:20:45.0353 2140 Mode: Manual;
16:20:45.0353 2140 ============================================================
16:20:45.0760 2140 ================ Scan system memory ========================
16:20:45.0760 2140 System memory - ok
16:20:45.0760 2140 ================ Scan services =============================
16:20:46.0291 2140 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
16:20:46.0307 2140 1394ohci - ok
16:20:46.0338 2140 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
16:20:46.0338 2140 3ware - ok
16:20:46.0479 2140 [ 3D30878A269D934100FA5F972E53AF39 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
16:20:46.0479 2140 ACPI - ok
16:20:46.0510 2140 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
16:20:46.0510 2140 acpiex - ok
16:20:46.0525 2140 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
16:20:46.0525 2140 acpipagr - ok
16:20:46.0572 2140 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
16:20:46.0572 2140 AcpiPmi - ok
16:20:46.0588 2140 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
16:20:46.0588 2140 acpitime - ok
16:20:46.0650 2140 [ 3B42D95D20CD2AACDB0564471AE43ED7 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
16:20:46.0650 2140 ACPIVPC - ok
16:20:47.0463 2140 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:20:47.0463 2140 AdobeFlashPlayerUpdateSvc - ok
16:20:47.0713 2140 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:20:47.0713 2140 ADP80XX - ok
16:20:47.0791 2140 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
16:20:47.0807 2140 AeLookupSvc - ok
16:20:47.0838 2140 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
16:20:47.0838 2140 AFD - ok
16:20:47.0854 2140 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
16:20:47.0854 2140 agp440 - ok
16:20:47.0885 2140 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:20:47.0885 2140 ahcache - ok
16:20:47.0932 2140 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
16:20:47.0932 2140 ALG - ok
16:20:47.0979 2140 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
16:20:47.0979 2140 AmdK8 - ok
16:20:48.0026 2140 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
16:20:48.0026 2140 AmdPPM - ok
16:20:48.0057 2140 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
16:20:48.0072 2140 amdsata - ok
16:20:48.0119 2140 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
16:20:48.0119 2140 amdsbs - ok
16:20:48.0166 2140 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
16:20:48.0166 2140 amdxata - ok
16:20:48.0213 2140 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
16:20:48.0213 2140 AppID - ok
16:20:48.0260 2140 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
16:20:48.0260 2140 AppIDSvc - ok
16:20:48.0276 2140 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
16:20:48.0291 2140 Appinfo - ok
16:20:48.0338 2140 [ 4B964AE0DF433A3BFA7BD24713BC2E9B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
16:20:48.0338 2140 AppReadiness - ok
16:20:48.0401 2140 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
16:20:48.0416 2140 AppXSvc - ok
16:20:48.0432 2140 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
16:20:48.0432 2140 arcsas - ok
16:20:48.0463 2140 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
16:20:48.0479 2140 atapi - ok
16:20:48.0494 2140 [ 51C6777AD7649F6C3ED389151CFD9DE6 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys
16:20:48.0510 2140 AthBTPort - ok
16:20:48.0666 2140 [ 67EC05E67E1416A51C478A5DAA59302E ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
16:20:48.0682 2140 AtherosSvc - ok
16:20:49.0213 2140 [ 2C7676F892E88FD190F08D98048C7C6C ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
16:20:49.0229 2140 athr - ok
16:20:49.0291 2140 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:20:49.0291 2140 AudioEndpointBuilder - ok
16:20:49.0338 2140 [ 86DD7884124D363A63CCE7A11FDEBBED ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
16:20:49.0354 2140 Audiosrv - ok
16:20:49.0369 2140 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
16:20:49.0369 2140 AxInstSV - ok
16:20:49.0401 2140 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
16:20:49.0416 2140 b06bdrv - ok
16:20:49.0432 2140 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:20:49.0432 2140 BasicDisplay - ok
16:20:49.0447 2140 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
16:20:49.0447 2140 BasicRender - ok
16:20:49.0463 2140 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
16:20:49.0463 2140 bcmfn2 - ok
16:20:49.0572 2140 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
16:20:49.0588 2140 BDESVC - ok
16:20:49.0619 2140 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:20:49.0619 2140 Beep - ok
16:20:49.0744 2140 [ 6468B696C65775D51A06615830E0E79D ] BFE C:\WINDOWS\System32\bfe.dll
16:20:49.0760 2140 BFE - ok
16:20:49.0822 2140 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
16:20:49.0838 2140 BITS - ok
16:20:49.0854 2140 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
16:20:49.0854 2140 bowser - ok
16:20:49.0932 2140 [ 748141CC03DF40C38F17D3F96BB15C80 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:20:49.0947 2140 BrokerInfrastructure - ok
16:20:49.0963 2140 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
16:20:49.0963 2140 Browser - ok
16:20:50.0010 2140 [ B600D86961C6DF87EEB637D4C4ABB663 ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys
16:20:50.0010 2140 BTATH_A2DP - ok
16:20:50.0072 2140 [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys
16:20:50.0072 2140 btath_avdt - ok
16:20:50.0119 2140 [ 3DD64966A764BCAFF07C9DC064BD410E ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys
16:20:50.0119 2140 BTATH_HCRP - ok
16:20:50.0135 2140 [ B68EE0721EAC305AB1C9C989CDF1AEFF ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
16:20:50.0151 2140 BTATH_LWFLT - ok
16:20:50.0197 2140 [ 057DA8351AD21AE485A11A8237DC9263 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
16:20:50.0197 2140 BTATH_RCP - ok
16:20:50.0354 2140 [ 185C8FCF6FD4D263AB1AC5A32ADD86AD ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
16:20:50.0354 2140 BtFilter - ok
16:20:50.0401 2140 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:20:50.0401 2140 BthAvrcpTg - ok
16:20:50.0432 2140 [ 131F1C8573E7BFB41C54FBF5309CCD94 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
16:20:50.0432 2140 BthEnum - ok
16:20:50.0448 2140 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
16:20:50.0448 2140 BthHFEnum - ok
16:20:50.0463 2140 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
16:20:50.0463 2140 bthhfhid - ok
16:20:50.0541 2140 [ FCD8BD17B7193CFFF18C332D1A381D7F ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
16:20:50.0541 2140 BthLEEnum - ok
16:20:50.0573 2140 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
16:20:50.0573 2140 BTHMODEM - ok
16:20:50.0619 2140 [ 3AFE71D80EDF5D4DE0C5731352905669 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
16:20:50.0619 2140 BthPan - ok
16:20:51.0026 2140 [ 8458ECAB701EE385851C2559B71D1209 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
16:20:51.0041 2140 BTHPORT - ok
16:20:51.0057 2140 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
16:20:51.0073 2140 bthserv - ok
16:20:51.0104 2140 [ 2C0B77176CD68F1F60510CDF36ADC401 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
16:20:51.0104 2140 BTHUSB - ok
16:20:51.0119 2140 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:20:51.0119 2140 cdfs - ok
16:20:51.0213 2140 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
16:20:51.0229 2140 cdrom - ok
16:20:51.0291 2140 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
16:20:51.0307 2140 CertPropSvc - ok
16:20:51.0323 2140 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
16:20:51.0323 2140 circlass - ok
16:20:51.0354 2140 [ 7F006813C2AFE622C13D7AF94F56CD07 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
16:20:51.0354 2140 CLFS - ok
16:20:51.0385 2140 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
16:20:51.0385 2140 CmBatt - ok
16:20:51.0416 2140 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
16:20:51.0432 2140 CNG - ok
16:20:51.0463 2140 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
16:20:51.0463 2140 CompositeBus - ok
16:20:51.0463 2140 COMSysApp - ok
16:20:51.0494 2140 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
16:20:51.0494 2140 condrv - ok
16:20:51.0869 2140 [ 06B278D3D74D3AD7FA8E8D8D6300F574 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:20:51.0885 2140 cphs - ok
16:20:51.0901 2140 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
16:20:51.0916 2140 CryptSvc - ok
16:20:51.0948 2140 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
16:20:51.0948 2140 dam - ok
16:20:51.0979 2140 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:20:51.0994 2140 DcomLaunch - ok
16:20:52.0010 2140 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
16:20:52.0010 2140 defragsvc - ok
16:20:52.0041 2140 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:20:52.0057 2140 DeviceAssociationService - ok
16:20:52.0088 2140 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
16:20:52.0088 2140 DeviceInstall - ok
16:20:52.0104 2140 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
16:20:52.0104 2140 Dfsc - ok
16:20:52.0135 2140 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
16:20:52.0135 2140 Dhcp - ok
16:20:52.0151 2140 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
16:20:52.0151 2140 disk - ok
16:20:52.0166 2140 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
16:20:52.0166 2140 dmvsc - ok
16:20:52.0198 2140 [ 5BAF7714E68F93515A937A3FA8587EF9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:20:52.0213 2140 Dnscache - ok
16:20:52.0229 2140 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
16:20:52.0229 2140 dot3svc - ok
16:20:52.0260 2140 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
16:20:52.0260 2140 DPS - ok
16:20:52.0291 2140 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:20:52.0291 2140 drmkaud - ok
16:20:52.0323 2140 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
16:20:52.0323 2140 DsmSvc - ok
16:20:52.0369 2140 [ A3D1CB64DF885ACE126543E6D7067348 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:20:52.0385 2140 DXGKrnl - ok
16:20:52.0416 2140 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
16:20:52.0432 2140 Eaphost - ok
16:20:52.0510 2140 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
16:20:52.0541 2140 ebdrv - ok
16:20:52.0573 2140 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
16:20:52.0573 2140 EFS - ok
16:20:52.0604 2140 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
16:20:52.0604 2140 EhStorClass - ok
16:20:52.0619 2140 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:20:52.0619 2140 EhStorTcgDrv - ok
16:20:52.0651 2140 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
16:20:52.0651 2140 ErrDev - ok
16:20:52.0698 2140 [ C3C9DCCF23EAD3249C4C7E472AC57050 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
16:20:52.0698 2140 ETD - ok
16:20:52.0729 2140 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
16:20:52.0729 2140 EventSystem - ok
16:20:52.0744 2140 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
16:20:52.0760 2140 exfat - ok
16:20:52.0760 2140 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
16:20:52.0760 2140 fastfat - ok
16:20:52.0807 2140 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
16:20:52.0807 2140 Fax - ok
16:20:52.0838 2140 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
16:20:52.0838 2140 fdc - ok
16:20:52.0854 2140 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
16:20:52.0854 2140 fdPHost - ok
16:20:52.0885 2140 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
16:20:52.0885 2140 FDResPub - ok
16:20:52.0901 2140 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
16:20:52.0901 2140 fhsvc - ok
16:20:52.0916 2140 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
16:20:52.0916 2140 FileInfo - ok
16:20:52.0916 2140 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
16:20:52.0932 2140 Filetrace - ok
16:20:52.0948 2140 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
16:20:52.0948 2140 flpydisk - ok
16:20:52.0963 2140 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:20:52.0963 2140 FltMgr - ok
16:20:53.0010 2140 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
16:20:53.0026 2140 FontCache - ok
16:20:53.0135 2140 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:20:53.0135 2140 FontCache3.0.0.0 - ok
16:20:53.0166 2140 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
16:20:53.0166 2140 FsDepends - ok
16:20:53.0182 2140 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:20:53.0182 2140 Fs_Rec - ok
16:20:53.0213 2140 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:20:53.0229 2140 fvevol - ok
16:20:53.0245 2140 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
16:20:53.0245 2140 FxPPM - ok
16:20:53.0260 2140 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
16:20:53.0260 2140 gagp30kx - ok
16:20:53.0291 2140 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
16:20:53.0291 2140 gencounter - ok
16:20:53.0307 2140 [ FDA72810CA2F8409D9B31E833C448E34 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:20:53.0307 2140 GPIOClx0101 - ok
16:20:53.0354 2140 [ 0BDE0FCF597E9B65600121EF54FF8340 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
16:20:53.0370 2140 gpsvc - ok
16:20:53.0416 2140 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
16:20:53.0416 2140 HDAudBus - ok
16:20:53.0479 2140 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
16:20:53.0479 2140 HidBatt - ok
16:20:53.0495 2140 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
16:20:53.0495 2140 HidBth - ok
16:20:53.0510 2140 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
16:20:53.0526 2140 hidi2c - ok
16:20:53.0541 2140 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
16:20:53.0541 2140 HidIr - ok
16:20:53.0573 2140 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
16:20:53.0588 2140 hidserv - ok
16:20:53.0604 2140 [ F31397220D9687E11EB448649AA6E038 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
16:20:53.0604 2140 HidUsb - ok
16:20:53.0635 2140 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
16:20:53.0635 2140 hkmsvc - ok
16:20:53.0651 2140 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:20:53.0651 2140 HomeGroupListener - ok
16:20:53.0682 2140 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:20:53.0682 2140 HomeGroupProvider - ok
16:20:53.0698 2140 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
16:20:53.0698 2140 HpSAMD - ok
16:20:53.0729 2140 [ 3502776E366C913D49C0DA928AE3E6CB ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
16:20:53.0745 2140 HTTP - ok
16:20:53.0760 2140 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
16:20:53.0760 2140 hwpolicy - ok
16:20:53.0776 2140 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
16:20:53.0776 2140 hyperkbd - ok
16:20:53.0791 2140 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:20:53.0791 2140 HyperVideo - ok
16:20:53.0807 2140 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
16:20:53.0807 2140 i8042prt - ok
16:20:53.0823 2140 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:20:53.0823 2140 iaLPSSi_GPIO - ok
16:20:53.0838 2140 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:20:53.0838 2140 iaLPSSi_I2C - ok
16:20:53.0870 2140 [ 0FE66A51D81A25AACEAAE4C26308121D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
16:20:53.0885 2140 iaStorA - ok
16:20:53.0916 2140 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
16:20:53.0916 2140 iaStorAV - ok
16:20:53.0948 2140 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
16:20:53.0948 2140 iaStorV - ok
16:20:54.0010 2140 [ 83FF82FE209E7997067B375DAD6CF23D ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
16:20:54.0010 2140 ICCS - ok
16:20:54.0026 2140 IEEtwCollectorService - ok
16:20:54.0135 2140 [ 348214F96642FD4FEF630DE021BA3540 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:20:54.0151 2140 igfx - ok
16:20:54.0182 2140 [ B82255670D270B75D2D2F0F8747D1443 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
16:20:54.0198 2140 IKEEXT - ok
16:20:54.0245 2140 [ 4011430BC9DA46ADFAE9915EFEC312FB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
16:20:54.0245 2140 intaud_WaveExtensible - ok
16:20:54.0354 2140 [ 7A93DBF7DD86A28C0B941F4D39B85A0E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:20:54.0370 2140 IntcAzAudAddService - ok
16:20:54.0401 2140 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:20:54.0401 2140 IntcDAud - ok
16:20:54.0479 2140 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:20:54.0479 2140 Intel(R) Capability Licensing Service Interface - ok
16:20:54.0510 2140 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
16:20:54.0526 2140 intelide - ok
16:20:54.0557 2140 [ 139CFCDCD36B1B1782FD8C0014AC9B0E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
16:20:54.0557 2140 intelpep - ok
16:20:54.0573 2140 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
16:20:54.0573 2140 intelppm - ok
16:20:54.0604 2140 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:20:54.0604 2140 IpFilterDriver - ok
16:20:54.0651 2140 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
16:20:54.0666 2140 iphlpsvc - ok
16:20:54.0682 2140 [ 9949A3C7590B8C536C05312205079A82 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:20:54.0682 2140 IPMIDRV - ok
16:20:54.0698 2140 [ E23D32BAF152FBE35F18C6A2AB8EF271 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
16:20:54.0698 2140 IPNAT - ok
16:20:54.0713 2140 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
16:20:54.0713 2140 IRENUM - ok
16:20:54.0745 2140 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
16:20:54.0745 2140 isapnp - ok
16:20:54.0776 2140 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
16:20:54.0791 2140 iScsiPrt - ok
16:20:54.0823 2140 [ EE03564B7FAFE2E44EDA33D52E83B4A3 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
16:20:54.0823 2140 iwdbus - ok
16:20:54.0870 2140 [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:20:54.0870 2140 jhi_service - ok
16:20:54.0885 2140 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
16:20:54.0885 2140 kbdclass - ok
16:20:54.0901 2140 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
16:20:54.0901 2140 kbdhid - ok
16:20:54.0917 2140 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:20:54.0917 2140 kdnic - ok
16:20:54.0948 2140 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
16:20:54.0948 2140 KeyIso - ok
16:20:54.0979 2140 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
16:20:54.0979 2140 KSecDD - ok
16:20:54.0995 2140 [ 7296EA420134EAC390798B3232D066A4 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:20:54.0995 2140 KSecPkg - ok
16:20:55.0010 2140 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
16:20:55.0010 2140 ksthunk - ok
16:20:55.0042 2140 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
16:20:55.0057 2140 KtmRm - ok
16:20:55.0088 2140 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
16:20:55.0104 2140 LanmanServer - ok
16:20:55.0151 2140 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:20:55.0151 2140 LanmanWorkstation - ok
16:20:55.0198 2140 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
16:20:55.0198 2140 lfsvc - ok
16:20:55.0229 2140 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\WINDOWS\system32\DRIVERS\LhdX64.sys
16:20:55.0229 2140 LHDmgr - ok
16:20:55.0245 2140 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:20:55.0245 2140 lltdio - ok
16:20:55.0276 2140 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
16:20:55.0276 2140 lltdsvc - ok
16:20:55.0307 2140 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
16:20:55.0307 2140 lmhosts - ok
16:20:55.0338 2140 [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:20:55.0338 2140 LMS - ok
16:20:55.0385 2140 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
16:20:55.0385 2140 LSI_SAS - ok
16:20:55.0401 2140 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:20:55.0401 2140 LSI_SAS2 - ok
16:20:55.0417 2140 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:20:55.0417 2140 LSI_SAS3 - ok
16:20:55.0432 2140 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
16:20:55.0448 2140 LSI_SSS - ok
16:20:55.0479 2140 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
16:20:55.0495 2140 LSM - ok
16:20:55.0526 2140 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
16:20:55.0526 2140 luafv - ok
16:20:55.0557 2140 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
16:20:55.0557 2140 MBAMProtector - ok
16:20:55.0620 2140 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:20:55.0620 2140 MBAMScheduler - ok
16:20:55.0651 2140 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:20:55.0667 2140 MBAMService - ok
16:20:55.0682 2140 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
16:20:55.0682 2140 megasas - ok
16:20:55.0698 2140 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
16:20:55.0713 2140 megasr - ok
16:20:55.0729 2140 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
16:20:55.0729 2140 MEIx64 - ok
16:20:55.0760 2140 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
16:20:55.0760 2140 MMCSS - ok
16:20:55.0776 2140 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
16:20:55.0776 2140 Modem - ok
16:20:55.0792 2140 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
16:20:55.0792 2140 monitor - ok
16:20:55.0807 2140 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
16:20:55.0807 2140 mouclass - ok
16:20:55.0823 2140 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
16:20:55.0823 2140 mouhid - ok
16:20:55.0838 2140 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
16:20:55.0838 2140 mountmgr - ok
16:20:55.0885 2140 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:20:55.0885 2140 MozillaMaintenance - ok
16:20:55.0885 2140 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
16:20:55.0901 2140 mpsdrv - ok
16:20:55.0932 2140 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
16:20:55.0948 2140 MpsSvc - ok
16:20:55.0963 2140 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
16:20:55.0963 2140 MRxDAV - ok
16:20:56.0010 2140 [ 6129EDB793A4255B1E2FB41773AC9D9A ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:20:56.0010 2140 mrxsmb - ok
16:20:56.0010 2140 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:20:56.0026 2140 mrxsmb10 - ok
16:20:56.0042 2140 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:20:56.0042 2140 mrxsmb20 - ok
16:20:56.0073 2140 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
16:20:56.0073 2140 MsBridge - ok
16:20:56.0104 2140 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
16:20:56.0104 2140 MSDTC - ok
16:20:56.0120 2140 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:20:56.0135 2140 Msfs - ok
16:20:56.0151 2140 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:20:56.0151 2140 msgpiowin32 - ok
16:20:56.0167 2140 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:20:56.0167 2140 mshidkmdf - ok
16:20:56.0182 2140 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
16:20:56.0182 2140 mshidumdf - ok
16:20:56.0198 2140 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
16:20:56.0198 2140 msisadrv - ok
16:20:56.0229 2140 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
16:20:56.0229 2140 MSiSCSI - ok
16:20:56.0245 2140 msiserver - ok
16:20:56.0260 2140 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:20:56.0260 2140 MSKSSRV - ok
16:20:56.0276 2140 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:20:56.0276 2140 MsLldp - ok
16:20:56.0292 2140 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:20:56.0292 2140 MSPCLOCK - ok
16:20:56.0307 2140 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:20:56.0307 2140 MSPQM - ok
16:20:56.0338 2140 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
16:20:56.0338 2140 MsRPC - ok
16:20:56.0354 2140 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
16:20:56.0354 2140 mssmbios - ok
16:20:56.0370 2140 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:20:56.0370 2140 MSTEE - ok
16:20:56.0385 2140 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
16:20:56.0385 2140 MTConfig - ok
16:20:56.0385 2140 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
16:20:56.0385 2140 Mup - ok
16:20:56.0401 2140 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
16:20:56.0401 2140 mvumis - ok
16:20:56.0432 2140 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
16:20:56.0448 2140 napagent - ok
16:20:56.0479 2140 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:20:56.0479 2140 NativeWifiP - ok
16:20:56.0526 2140 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
16:20:56.0526 2140 NcaSvc - ok
16:20:56.0542 2140 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
16:20:56.0557 2140 NcbService - ok
16:20:56.0573 2140 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
16:20:56.0573 2140 NcdAutoSetup - ok
16:20:56.0604 2140 [ AD9086052A5E5153AF43FE74138A4B27 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
16:20:56.0620 2140 NDIS - ok
16:20:56.0635 2140 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:20:56.0635 2140 NdisCap - ok
16:20:56.0635 2140 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:20:56.0651 2140 NdisImPlatform - ok
16:20:56.0667 2140 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:20:56.0667 2140 NdisTapi - ok
16:20:56.0698 2140 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:20:56.0698 2140 Ndisuio - ok
16:20:56.0713 2140 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:20:56.0713 2140 NdisVirtualBus - ok
16:20:56.0729 2140 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:20:56.0745 2140 NdisWan - ok
16:20:56.0745 2140 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:20:56.0745 2140 NdisWanLegacy - ok
16:20:56.0776 2140 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:20:56.0776 2140 NDProxy - ok
16:20:56.0807 2140 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
16:20:56.0807 2140 Ndu - ok
16:20:56.0807 2140 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:20:56.0807 2140 NetBIOS - ok

16:20:56.0823 2140 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:20:56.0823 2140 NetBT - ok
16:20:56.0838 2140 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:20:56.0838 2140 Netlogon - ok
16:20:56.0854 2140 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
16:20:56.0870 2140 Netman - ok
16:20:56.0901 2140 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
16:20:56.0917 2140 netprofm - ok
16:20:56.0948 2140 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:56.0995 2140 NetTcpPortSharing - ok
16:20:57.0026 2140 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
16:20:57.0026 2140 netvsc - ok
16:20:57.0057 2140 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
16:20:57.0073 2140 NlaSvc - ok
16:20:57.0088 2140 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:20:57.0088 2140 Npfs - ok
16:20:57.0104 2140 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
16:20:57.0104 2140 npsvctrig - ok
16:20:57.0120 2140 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
16:20:57.0135 2140 nsi - ok
16:20:57.0135 2140 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
16:20:57.0135 2140 nsiproxy - ok
16:20:57.0182 2140 [ 4412D565C0278C401575E11072C7DCE3 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:20:57.0198 2140 Ntfs - ok
16:20:57.0198 2140 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
16:20:57.0198 2140 Null - ok
16:20:57.0370 2140 [ 9B93CC9C70EDE60A9C486E7719DB9E8D ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
16:20:57.0417 2140 nvlddmkm - ok
16:20:57.0448 2140 [ F76296368BB813E0C6996501A3271C7C ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
16:20:57.0448 2140 nvpciflt - ok
16:20:57.0463 2140 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
16:20:57.0463 2140 nvraid - ok
16:20:57.0495 2140 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
16:20:57.0495 2140 nvstor - ok
16:20:57.0698 2140 [ FB50E60564ED30DDC855F0CE435C8467 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
16:20:57.0714 2140 nvsvc - ok
16:20:58.0167 2140 [ 005E474630A7AA05A617C574B702FEED ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:20:58.0182 2140 nvUpdatusService - ok
16:20:58.0214 2140 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
16:20:58.0214 2140 nv_agp - ok
16:20:58.0323 2140 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:20:58.0323 2140 ose - ok
16:20:59.0354 2140 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:20:59.0370 2140 osppsvc - ok
16:20:59.0495 2140 [ 3B510F20806B94E389784ED09DBD2111 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
16:20:59.0510 2140 p2pimsvc - ok
16:20:59.0542 2140 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
16:20:59.0557 2140 p2psvc - ok
16:20:59.0573 2140 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
16:20:59.0573 2140 Parport - ok
16:20:59.0604 2140 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
16:20:59.0604 2140 partmgr - ok
16:20:59.0698 2140 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
16:20:59.0714 2140 PcaSvc - ok
16:20:59.0745 2140 [ C0D3F3BC1C84B4BA746D9847314C1164 ] pci C:\WINDOWS\system32\drivers\pci.sys
16:20:59.0745 2140 pci - ok
16:20:59.0760 2140 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
16:20:59.0776 2140 pciide - ok
16:20:59.0823 2140 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
16:20:59.0823 2140 pcmcia - ok
16:20:59.0854 2140 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
16:20:59.0854 2140 pcw - ok
16:20:59.0885 2140 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
16:20:59.0885 2140 pdc - ok
16:20:59.0995 2140 [ BA50CC0BD19004AAB88BE37338B6FA0D ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
16:21:00.0010 2140 PEAUTH - ok
16:21:00.0776 2140 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
16:21:00.0776 2140 PerfHost - ok
16:21:01.0026 2140 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
16:21:01.0057 2140 pla - ok
16:21:01.0089 2140 [ 752A457320A946E03C3AA86C3ACD735E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
16:21:01.0104 2140 PlugPlay - ok
16:21:01.0120 2140 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
16:21:01.0136 2140 PNRPAutoReg - ok
16:21:01.0151 2140 [ 3B510F20806B94E389784ED09DBD2111 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
16:21:01.0167 2140 PNRPsvc - ok
16:21:01.0198 2140 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
16:21:01.0214 2140 PolicyAgent - ok
16:21:01.0214 2140 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
16:21:01.0229 2140 Power - ok
16:21:01.0761 2140 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:21:01.0854 2140 PrintNotify - ok
16:21:01.0886 2140 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
16:21:01.0886 2140 Processor - ok
16:21:01.0948 2140 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
16:21:01.0964 2140 ProfSvc - ok
16:21:02.0011 2140 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
16:21:02.0011 2140 Psched - ok
16:21:02.0057 2140 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
16:21:02.0073 2140 QWAVE - ok
16:21:02.0089 2140 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
16:21:02.0089 2140 QWAVEdrv - ok
16:21:02.0104 2140 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:21:02.0104 2140 RasAcd - ok
16:21:02.0151 2140 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:21:02.0167 2140 RasAuto - ok
16:21:02.0198 2140 [ BF3B17016764F20F9D28CF1A8DC210C0 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:21:02.0198 2140 RasMan - ok
16:21:02.0229 2140 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:21:02.0229 2140 RasPppoe - ok
16:21:02.0245 2140 [ B939A2A0F9D6C6C186721E268EB6FA93 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:21:02.0261 2140 rdbss - ok
16:21:02.0276 2140 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
16:21:02.0276 2140 rdpbus - ok
16:21:02.0292 2140 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
16:21:02.0292 2140 RDPDR - ok
16:21:02.0323 2140 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:21:02.0323 2140 RdpVideoMiniport - ok
16:21:02.0401 2140 [ 847C6A08912C3515807049C93E526D65 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
16:21:02.0417 2140 rdyboost - ok
16:21:02.0511 2140 [ 036746D54347FD2D0385668E2A4064E4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
16:21:02.0526 2140 ReFS - ok
16:21:02.0542 2140 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:21:02.0542 2140 RemoteAccess - ok
16:21:02.0573 2140 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:21:02.0589 2140 RemoteRegistry - ok
16:21:02.0620 2140 [ 02307C86CB24769306B0DFA0C751952E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
16:21:02.0620 2140 RFCOMM - ok
16:21:02.0636 2140 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
16:21:02.0636 2140 RpcEptMapper - ok
16:21:02.0667 2140 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
16:21:02.0667 2140 RpcLocator - ok
16:21:02.0683 2140 [ 3FD5AE42EC87C6F532A931F96BE731DD ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:21:02.0698 2140 RpcSs - ok
16:21:02.0714 2140 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:21:02.0729 2140 rspndr - ok
16:21:02.0808 2140 [ 55E66BAE5B30E09FDE217FBF0CDAA579 ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
16:21:02.0808 2140 RSUSBVSTOR - ok
16:21:02.0948 2140 [ 19764658C1468C2C0CEF133D28414A6B ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
16:21:02.0948 2140 RTL8168 - ok
16:21:03.0823 2140 [ 02FE42ED9CBB4CBE806ED1E906D7AC8F ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
16:21:03.0854 2140 rtsuvc - ok
16:21:03.0901 2140 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
16:21:03.0901 2140 s3cap - ok
16:21:03.0948 2140 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
16:21:03.0948 2140 SamSs - ok
16:21:03.0995 2140 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
16:21:03.0995 2140 sbp2port - ok
16:21:04.0073 2140 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
16:21:04.0089 2140 SCardSvr - ok
16:21:04.0105 2140 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
16:21:04.0120 2140 ScDeviceEnum - ok
16:21:04.0120 2140 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:21:04.0120 2140 scfilter - ok
16:21:04.0167 2140 [ 888A30EAB651502352C18745367FD179 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:21:04.0183 2140 Schedule - ok
16:21:04.0198 2140 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
16:21:04.0214 2140 SCPolicySvc - ok
16:21:04.0261 2140 [ 2F9A3380B8C0380E5608E29C7AA66899 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
16:21:04.0261 2140 sdbus - ok
16:21:04.0292 2140 [ 4EAF4DCF9DBD9A56952A58F56D61C005 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
16:21:04.0292 2140 sdstor - ok
16:21:04.0323 2140 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
16:21:04.0323 2140 secdrv - ok
16:21:04.0370 2140 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
16:21:04.0386 2140 seclogon - ok
16:21:04.0386 2140 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
16:21:04.0386 2140 SENS - ok
16:21:04.0417 2140 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
16:21:04.0433 2140 SensrSvc - ok
16:21:04.0448 2140 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
16:21:04.0448 2140 SerCx - ok
16:21:04.0495 2140 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
16:21:04.0495 2140 SerCx2 - ok
16:21:04.0511 2140 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
16:21:04.0511 2140 Serenum - ok
16:21:04.0558 2140 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
16:21:04.0558 2140 Serial - ok
16:21:04.0573 2140 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
16:21:04.0573 2140 sermouse - ok
16:21:04.0651 2140 [ 441E6FF1F34D7A942946DB42A15FB519 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
16:21:04.0667 2140 SessionEnv - ok
16:21:04.0683 2140 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
16:21:04.0683 2140 sfloppy - ok
16:21:04.0730 2140 [ F4414F57DF2CECB8FC969AA43A6B0D50 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:21:04.0745 2140 SharedAccess - ok
16:21:04.0792 2140 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:21:04.0808 2140 ShellHWDetection - ok
16:21:04.0823 2140 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:21:04.0823 2140 SiSRaid2 - ok
16:21:04.0839 2140 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
16:21:04.0839 2140 SiSRaid4 - ok
16:21:04.0886 2140 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
16:21:04.0886 2140 smphost - ok
16:21:04.0917 2140 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
16:21:04.0917 2140 SNMPTRAP - ok
16:21:04.0995 2140 [ F6EBE514D13ECE7EDC23440039CDF9AB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
16:21:04.0995 2140 spaceport - ok
16:21:05.0042 2140 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
16:21:05.0042 2140 SpbCx - ok
16:21:05.0198 2140 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
16:21:05.0214 2140 Spooler - ok
16:21:06.0386 2140 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
16:21:06.0417 2140 sppsvc - ok
16:21:06.0511 2140 [ 2B78788A1485F9B99A578A299DF42C02 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:21:06.0526 2140 srv - ok
16:21:06.0651 2140 [ C1AE59C0B0817236EC083A91C396005A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
16:21:06.0667 2140 srv2 - ok
16:21:06.0698 2140 [ 77195C32175FC63D6054EBA5A066D727 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:21:06.0698 2140 srvnet - ok
16:21:06.0761 2140 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:21:06.0776 2140 SSDPSRV - ok
16:21:06.0823 2140 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
16:21:06.0823 2140 SstpSvc - ok
16:21:06.0948 2140 [ 7FCE08C739136C9C64107A8814EF854C ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:21:06.0948 2140 Stereo Service - ok
16:21:06.0980 2140 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
16:21:06.0980 2140 stexstor - ok
16:21:07.0089 2140 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
16:21:07.0105 2140 stisvc - ok
16:21:07.0120 2140 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
16:21:07.0120 2140 storahci - ok
16:21:07.0152 2140 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
16:21:07.0152 2140 storflt - ok
16:21:07.0198 2140 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
16:21:07.0198 2140 stornvme - ok
16:21:07.0245 2140 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
16:21:07.0261 2140 StorSvc - ok
16:21:07.0292 2140 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
16:21:07.0292 2140 storvsc - ok
16:21:07.0308 2140 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
16:21:07.0308 2140 svsvc - ok
16:21:07.0339 2140 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
16:21:07.0339 2140 swenum - ok
16:21:07.0527 2140 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:21:07.0542 2140 SwitchBoard - ok
16:21:07.0589 2140 [ A5DC2E63F5E5D3C0B843307374998479 ] swprv C:\WINDOWS\System32\swprv.dll
16:21:07.0605 2140 swprv - ok
16:21:07.0652 2140 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] SysMain C:\WINDOWS\system32\sysmain.dll
16:21:07.0683 2140 SysMain - ok
16:21:07.0730 2140 [ 373382005ACB27CB16ED16722FBE946A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:21:07.0730 2140 SystemEventsBroker - ok
16:21:07.0761 2140 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:21:07.0761 2140 TabletInputService - ok
16:21:07.0792 2140 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:21:07.0808 2140 TapiSrv - ok
16:21:07.0870 2140 [ 6617F44D2432C529B2249A0498B6B40A ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
16:21:07.0886 2140 Tcpip - ok
16:21:08.0230 2140 [ 6617F44D2432C529B2249A0498B6B40A ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:21:08.0261 2140 TCPIP6 - ok
16:21:08.0292 2140 [ 33A7D83EEB15431773A6E186CFAABA21 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
16:21:08.0292 2140 tcpipreg - ok
16:21:08.0339 2140 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
16:21:08.0339 2140 tdx - ok
16:21:08.0370 2140 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
16:21:08.0370 2140 terminpt - ok
16:21:08.0605 2140 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
16:21:08.0636 2140 TermService - ok
16:21:08.0652 2140 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
16:21:08.0652 2140 Themes - ok
16:21:08.0667 2140 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
16:21:08.0667 2140 THREADORDER - ok
16:21:08.0714 2140 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
16:21:08.0745 2140 TimeBroker - ok
16:21:08.0777 2140 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
16:21:08.0777 2140 TPM - ok
16:21:08.0808 2140 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
16:21:08.0808 2140 TrkWks - ok
16:21:08.0855 2140 [ DA56FFA46030E6FEB215E3D5DAA65B11 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:21:08.0870 2140 TrustedInstaller - ok
16:21:08.0886 2140 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
16:21:08.0886 2140 TsUsbFlt - ok
16:21:08.0917 2140 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:21:08.0917 2140 TsUsbGD - ok
16:21:08.0980 2140 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
16:21:08.0980 2140 tunnel - ok
16:21:08.0995 2140 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
16:21:08.0995 2140 uagp35 - ok
16:21:09.0042 2140 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
16:21:09.0042 2140 UASPStor - ok
16:21:09.0136 2140 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
16:21:09.0167 2140 UCX01000 - ok
16:21:09.0183 2140 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
16:21:09.0198 2140 udfs - ok
16:21:09.0230 2140 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
16:21:09.0230 2140 UEFI - ok
16:21:09.0277 2140 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
16:21:09.0277 2140 UI0Detect - ok
16:21:09.0324 2140 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
16:21:09.0324 2140 uliagpkx - ok
16:21:09.0339 2140 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
16:21:09.0339 2140 umbus - ok
16:21:09.0370 2140 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
16:21:09.0370 2140 UmPass - ok
16:21:09.0464 2140 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
16:21:09.0464 2140 UmRdpService - ok
16:21:09.0636 2140 [ E1A119AD21F5AFE22EB516C549306D3D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:21:09.0636 2140 UNS - ok
16:21:09.0714 2140 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:21:09.0730 2140 upnphost - ok
16:21:09.0761 2140 [ 433ECDE01A52691FA7ACA51C10C09B70 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
16:21:09.0761 2140 usbccgp - ok
16:21:09.0808 2140 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
16:21:09.0808 2140 usbcir - ok
16:21:09.0839 2140 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
16:21:09.0855 2140 usbehci - ok
16:21:10.0011 2140 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
16:21:10.0011 2140 usbhub - ok
16:21:10.0042 2140 [ C0E33820326199CE3CFD3B9F27F81D99 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
16:21:10.0042 2140 USBHUB3 - ok
16:21:10.0058 2140 [ 3019097FB6C985EF24C058090FF3BDBD ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
16:21:10.0074 2140 usbohci - ok
16:21:10.0089 2140 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
16:21:10.0089 2140 usbprint - ok
16:21:10.0152 2140 [ B1230E9813B5C7E762DF27756AA23917 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:21:10.0152 2140 USBSTOR - ok
16:21:10.0167 2140 [ BA4FA655E0FC577DB7436FC963932CE4 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
16:21:10.0167 2140 usbuhci - ok
16:21:10.0261 2140 [ 3B44CB989757428208CCFCC028C13110 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:21:10.0277 2140 USBXHCI - ok
16:21:10.0292 2140 [ F6F209DDB94959BA104FC8FC87C53759 ] VaultSvc C:\WINDOWS\system32\lsass.exe
16:21:10.0292 2140 VaultSvc - ok
16:21:10.0308 2140 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
16:21:10.0308 2140 vdrvroot - ok
16:21:10.0511 2140 [ CFBAD6B48EDFAA0828A52646B7C4C08D ] vds C:\WINDOWS\System32\vds.exe
16:21:10.0527 2140 vds - ok
16:21:10.0574 2140 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
16:21:10.0574 2140 VerifierExt - ok
16:21:10.0730 2140 [ 041D3EF364E624DBB2703A64A5AADF89 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
16:21:10.0745 2140 vhdmp - ok
16:21:10.0792 2140 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
16:21:10.0792 2140 viaide - ok
16:21:10.0824 2140 [ C6305BDFC4F7CE51F72BB072C03D4ACE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
16:21:10.0839 2140 vmbus - ok
16:21:10.0855 2140 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
16:21:10.0855 2140 VMBusHID - ok
16:21:10.0980 2140 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
16:21:10.0980 2140 vmicguestinterface - ok
16:21:10.0995 2140 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
16:21:10.0995 2140 vmicheartbeat - ok
16:21:11.0011 2140 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
16:21:11.0011 2140 vmickvpexchange - ok
16:21:11.0027 2140 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
16:21:11.0027 2140 vmicrdv - ok
16:21:11.0042 2140 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
16:21:11.0042 2140 vmicshutdown - ok
16:21:11.0058 2140 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
16:21:11.0058 2140 vmictimesync - ok
16:21:11.0074 2140 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicvss C:\WINDOWS\System32\ICSvc.dll
16:21:11.0089 2140 vmicvss - ok
16:21:11.0105 2140 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
16:21:11.0105 2140 volmgr - ok
16:21:11.0183 2140 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
16:21:11.0183 2140 volmgrx - ok
16:21:11.0245 2140 [ 9F9CE33B50611A1C61A46B8911E0B30B ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
16:21:11.0245 2140 volsnap - ok
16:21:11.0292 2140 [ 01355C98B5C3ED1EC446743CDA848FCE ] vpci C:\WINDOWS\System32\drivers\vpci.sys
16:21:11.0292 2140 vpci - ok
16:21:11.0339 2140 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
16:21:11.0339 2140 vsmraid - ok
16:21:11.0574 2140 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] VSS C:\WINDOWS\system32\vssvc.exe
16:21:11.0605 2140 VSS - ok
16:21:11.0683 2140 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
16:21:11.0699 2140 VSTXRAID - ok
16:21:11.0730 2140 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
16:21:11.0730 2140 vwifibus - ok
16:21:11.0761 2140 [ 6B26AD573CCDD5209DF4397438B76354 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
16:21:11.0761 2140 vwififlt - ok
16:21:11.0777 2140 [ 0B48E0DFB44EE475F4FD8A8EE599AF30 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
16:21:11.0777 2140 vwifimp - ok
16:21:11.0839 2140 [ 7599E582CA3A6AAA95A18FFE1172D339 ] W32Time C:\WINDOWS\system32\w32time.dll
16:21:11.0855 2140 W32Time - ok
16:21:11.0870 2140 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
16:21:11.0870 2140 WacomPen - ok
16:21:12.0105 2140 [ 92BF4B3EBD6F163B94B7A20C65E7B698 ] wbengine C:\WINDOWS\system32\wbengine.exe
16:21:12.0120 2140 wbengine - ok
16:21:12.0214 2140 [ 58F28103889817C93E5B5AFABC87E709 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
16:21:12.0230 2140 WbioSrvc - ok
16:21:12.0246 2140 [ 772365894F14652D376B2E5030179DC9 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
16:21:12.0261 2140 Wcmsvc - ok
16:21:12.0277 2140 [ D2726823DF7E19F213F4805A9D6D145F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
16:21:12.0292 2140 wcncsvc - ok
16:21:12.0308 2140 [ 846C02A8B48CBD921A3D6AB521AA0DC4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
16:21:12.0324 2140 WcsPlugInService - ok
16:21:12.0339 2140 [ 694B28DE12AD47031FFB4B052662131A ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
16:21:12.0339 2140 WdBoot - ok
16:21:12.0449 2140 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
16:21:12.0449 2140 Wdf01000 - ok
16:21:12.0511 2140 [ 0B99529A3BECC3528D865DDECB62503B ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
16:21:12.0511 2140 WdFilter - ok
16:21:12.0527 2140 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
16:21:12.0542 2140 WdiServiceHost - ok
16:21:12.0542 2140 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
16:21:12.0542 2140 WdiSystemHost - ok
16:21:12.0574 2140 [ 282E7D46310338FF4A6B7680440EB0DA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:21:12.0574 2140 WdNisDrv - ok
16:21:12.0605 2140 WdNisSvc - ok
16:21:12.0636 2140 [ 6588A957873326361AB1CAC4E76F8394 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:21:12.0652 2140 WebClient - ok
16:21:12.0683 2140 [ 3274312F263882B51B964329FAF49734 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
16:21:12.0683 2140 Wecsvc - ok
16:21:12.0699 2140 [ 7CDD84E0023A0C5C230B06A7965EC65E ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
16:21:12.0699 2140 WEPHOSTSVC - ok
16:21:12.0730 2140 [ AA1315B87D9B2E39584165318A59F15D ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
16:21:12.0730 2140 wercplsupport - ok
16:21:12.0746 2140 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
16:21:12.0761 2140 WerSvc - ok
16:21:12.0792 2140 [ 2E3E82D7B1076B90F4E228A8EF17B261 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
16:21:12.0792 2140 WFPLWFS - ok
16:21:12.0824 2140 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
16:21:12.0824 2140 WiaRpc - ok
16:21:12.0855 2140 [ 867BCC69ED9C31C501465EB0E8BA9DFA ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
16:21:12.0855 2140 WIMMount - ok
16:21:12.0855 2140 WinDefend - ok
16:21:12.0980 2140 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:21:12.0980 2140 WinHttpAutoProxySvc - ok
16:21:13.0199 2140 [ 9DB490F3E823C5C3C070644B96CB9D59 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:21:13.0199 2140 Winmgmt - ok
16:21:13.0230 2140 WinRing0_1_2_0 - ok
16:21:13.0652 2140 [ 690C3FC5C9DBD6B9AEDF8341EC720E41 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:21:13.0699 2140 WinRM - ok
16:21:13.0761 2140 [ AC263C2F66405589528995AA41040599 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
16:21:13.0761 2140 WinUsb - ok
16:21:14.0058 2140 [ 9378B4E7E4E3EAE2F05823CFFF2C6EF4 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
16:21:14.0074 2140 WlanSvc - ok
16:21:14.0121 2140 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
16:21:14.0136 2140 wlidsvc - ok
16:21:14.0152 2140 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
16:21:14.0152 2140 WmiAcpi - ok
16:21:14.0183 2140 [ 7AFAC828F52D62F304A911EC32F42EEE ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:21:14.0199 2140 wmiApSrv - ok
16:21:14.0246 2140 WMPNetworkSvc - ok
16:21:14.0308 2140 [ E178371E493BF17EB90FE71ABA8BE643 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
16:21:14.0324 2140 workfolderssvc - ok
16:21:14.0339 2140 [ E746BCDBA2E02CF6B8D6B26FB167FBE0 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
16:21:14.0339 2140 wpcfltr - ok
16:21:14.0371 2140 [ 4E6A0F60DA7EF050D3D26417CD4D24E9 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
16:21:14.0371 2140 WPCSvc - ok
16:21:14.0386 2140 [ D27491CFCE452C154CECFA155AD0EBC8 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
16:21:14.0386 2140 WPDBusEnum - ok
16:21:14.0402 2140 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:21:14.0402 2140 WpdUpFltr - ok
16:21:14.0433 2140 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:21:14.0433 2140 ws2ifsl - ok
16:21:14.0449 2140 [ 5CFA46C4ACB2FD70572017052378DAE5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
16:21:14.0449 2140 wscsvc - ok
16:21:14.0449 2140 WSearch - ok
16:21:14.0527 2140 [ 3671C668670626DAB0D47B44F65F0489 ] WSService C:\WINDOWS\System32\WSService.dll
16:21:14.0542 2140 WSService - ok
16:21:14.0589 2140 [ 72B4E9DF6456C43C42A1419B09486045 ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
16:21:14.0589 2140 wsvd - ok
16:21:14.0683 2140 [ 86D0BF4F792053A50D6EE43DFA5837A5 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
16:21:14.0714 2140 wuauserv - ok
16:21:14.0746 2140 [ 2FEAE33E9B2B56104596E1BA444405A9 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
16:21:14.0746 2140 WudfPf - ok
16:21:14.0761 2140 [ 19240C13F526125554B5370566F21A0A ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
16:21:14.0777 2140 WUDFRd - ok
16:21:14.0777 2140 [ 19240C13F526125554B5370566F21A0A ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:21:14.0777 2140 WUDFSensorLP - ok
16:21:14.0808 2140 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
16:21:14.0824 2140 wudfsvc - ok
16:21:14.0824 2140 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:21:14.0824 2140 WUDFWpdFs - ok
16:21:14.0839 2140 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:21:14.0839 2140 WUDFWpdMtp - ok
16:21:14.0871 2140 [ 2FA9794CA36147756F3FDFD6CA29B46F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
16:21:14.0871 2140 WwanSvc - ok
16:21:14.0933 2140 X6va015 - ok
16:21:14.0949 2140 X6va016 - ok
16:21:14.0996 2140 [ 03CD249A16CF815FFFD347DC61EF9E6D ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
16:21:14.0996 2140 ZAtheros Bt and Wlan Coex Agent - ok
16:21:15.0011 2140 ================ Scan global ===============================
16:21:15.0043 2140 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
16:21:15.0089 2140 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\WINDOWS\system32\winsrv.dll
16:21:15.0105 2140 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\WINDOWS\system32\sxssrv.dll
16:21:15.0136 2140 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\WINDOWS\system32\services.exe
16:21:15.0136 2140 [Global] - ok
16:21:15.0136 2140 ================ Scan MBR ==================================
16:21:15.0152 2140 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:21:15.0168 2140 \Device\Harddisk0\DR0 - ok
16:21:15.0168 2140 ================ Scan VBR ==================================
16:21:15.0183 2140 [ 41F105BAD697140E0F1A360BC963197A ] \Device\Harddisk0\DR0\Partition1
16:21:15.0183 2140 \Device\Harddisk0\DR0\Partition1 - ok
16:21:15.0183 2140 [ 63EF85674C06EA0104BD52109A16A365 ] \Device\Harddisk0\DR0\Partition2
16:21:15.0199 2140 \Device\Harddisk0\DR0\Partition2 - ok
16:21:15.0199 2140 [ A3322261FDD6033BF44A3BD5F401BD5E ] \Device\Harddisk0\DR0\Partition3
16:21:15.0199 2140 \Device\Harddisk0\DR0\Partition3 - ok
16:21:15.0230 2140 [ 3F215E98FD6E925DA8E24DB8D4FE1EA3 ] \Device\Harddisk0\DR0\Partition4
16:21:15.0230 2140 \Device\Harddisk0\DR0\Partition4 - ok
16:21:15.0230 2140 [ BE80B4C035D5E150F3905A00EEA998A4 ] \Device\Harddisk0\DR0\Partition5
16:21:15.0246 2140 \Device\Harddisk0\DR0\Partition5 - ok
16:21:15.0277 2140 [ F7300909ED084E0060D6C70FD96E7838 ] \Device\Harddisk0\DR0\Partition6
16:21:15.0277 2140 \Device\Harddisk0\DR0\Partition6 - ok
16:21:15.0293 2140 [ 66EDEE3392448FEC08EAFBA966337624 ] \Device\Harddisk0\DR0\Partition7
16:21:15.0293 2140 \Device\Harddisk0\DR0\Partition7 - ok
16:21:15.0308 2140 [ CFDBC5B1302A40A968BAC72AADFDC13B ] \Device\Harddisk0\DR0\Partition8
16:21:15.0308 2140 \Device\Harddisk0\DR0\Partition8 - ok
16:21:15.0308 2140 ============================================================
16:21:15.0308 2140 Scan finished
16:21:15.0308 2140 ============================================================
16:21:15.0324 3412 Detected object count: 0
16:21:15.0324 3412 Actual detected object count: 0
16:21:50.0780 0904 Deinitialize success

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Lam [Práva správce]
Mód : Odebrat -- Datum : 12/26/2013 14:09:56
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SECU][PUM] HKLM\[...]\Wow6432Node\[...]\Security Center : UpdatesDisableNotify (0) -> NAHRAZENO ()
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 3a06b487acf4bf97269bed8003ca0af6
[BSP] 2f386bd92e59708bb6f43c5c6293f66d : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_12262013_140956.txt >>
RKreport[0]_S_12252013_161935.txt;RKreport[0]_S_12262013_140945.txt



Combofix nelze spustit z důvody kompatibilty, zkoušel jsem ho spouštět ve všech režimech, ale ani jeden nefunguje.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

OTL logfile created on: 27. 12. 2013 15:33:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lam\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d. M. yyyy

7,86 Gb Total Physical Memory | 6,31 Gb Available Physical Memory | 80,25% Memory free
9,11 Gb Paging File | 7,50 Gb Available in Paging File | 82,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 883,84 Gb Total Space | 769,06 Gb Free Space | 87,01% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 8,85 Gb Free Space | 35,42% Space Free | Partition Type: NTFS

Computer Name: MANTIK | User Name: Lam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Lam\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\PC Cleaners\PCCleaners.exe (PC Cleaners Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe (Microsoft)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========

MOD - C:\ProgramData\PC1Data\av\vipre.dll ()
MOD - C:\ProgramData\PC1Data\av\d\libMachoUniv.dll ()
MOD - C:\ProgramData\PC1Data\av\d\libBase64.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys ("CyberLink)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{414CF5AD-901C-41E8-A1FE-411B8D646566}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{414CF5AD-901C-41E8-A1FE-411B8D646566}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\Free Media Player\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Lam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2013/12/23 20:35:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lam\AppData\Roaming\mozilla\Extensions
[2013/12/25 16:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lam\AppData\Roaming\mozilla\Firefox\Profiles\jgia5n34.default\extensions
[2013/12/23 20:44:45 | 000,479,561 | ---- | M] () (No name found) -- C:\Users\Lam\AppData\Roaming\mozilla\firefox\profiles\jgia5n34.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi
[2013/12/23 20:35:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/23 20:35:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/23 20:35:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/12/23 20:35:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

O1 HOSTS File: ([2013/09/18 20:09:22 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (surf aNd keep) - {62B98EFE-BEDB-922B-2E61-F00F6B9D0D0C} - C:\Program Files (x86)\surf aNd keep\NYjHTH4v.x64.dll File not found
O2:64bit: - BHO: (YoutubeAdblocker) - {7C6EE233-66E3-2BCB-72DB-49E574A617AD} - C:\Program Files (x86)\YoutubeAdblocker\MElq6DOl.x64.dll File not found
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtsFT] C:\WINDOWS\RTFTrack.exe (Realtek semiconductor)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe (Microsoft)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Lam\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PC Cleaners] C:\ProgramData\PC Cleaners\PCCleaners.exe (PC Cleaners Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{130BEB99-7D03-422A-912E-06AD68162D2F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BAD0226-4627-422F-B092-A25EE250FE75}: DhcpNameServer = 195.113.44.11 195.113.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BAD0226-4627-422F-B092-A25EE250FE75}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/12/19 22:03:01 | 000,018,941 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O33 - MountPoints2\{d9ddbfec-3974-11e3-beb4-20689df4e42e}\Shell - "" = AutoRun
O33 - MountPoints2\{d9ddbfec-3974-11e3-beb4-20689df4e42e}\Shell\AutoRun\command - "" = "F:\HTC_Sync_Manager_PC.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/27 15:31:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lam\Desktop\OTL.exe
[2013/12/27 11:49:01 | 006,252,752 | ---- | C] (PC Cleaners) -- C:\ProgramData\pclunst.exe
[2013/12/27 11:49:01 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Cleaners
[2013/12/27 11:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
[2013/12/27 11:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Cleaners
[2013/12/27 11:25:53 | 006,252,752 | ---- | C] (PC Cleaners) -- C:\Users\Lam\Desktop\PC_Cleaner_Pro_Installer_a3.exe
[2013/12/26 14:09:26 | 000,204,568 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\SysNative\drivers\ssudmdm.sys.bak
[2013/12/26 14:09:25 | 000,107,288 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\SysNative\drivers\ssudbus.sys.bak
[2013/12/25 16:19:32 | 000,102,376 | ---- | C] ("CyberLink) -- C:\WINDOWS\SysNative\drivers\wsvd.sys.bak
[2013/12/25 16:19:32 | 000,023,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WppRecorder.sys.bak
[2013/12/25 16:19:31 | 000,054,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys.bak
[2013/12/25 16:19:31 | 000,026,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys.bak
[2013/12/25 16:19:31 | 000,018,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wmilib.sys.bak
[2013/12/25 16:19:30 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys.bak
[2013/12/25 16:19:30 | 000,061,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys.bak
[2013/12/25 16:19:30 | 000,038,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\werkernel.sys.bak
[2013/12/25 16:19:29 | 000,265,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys.bak
[2013/12/25 16:19:29 | 000,124,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys.bak
[2013/12/25 16:19:29 | 000,060,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys.bak
[2013/12/25 16:19:28 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys.bak
[2013/12/25 16:19:28 | 000,034,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys.bak
[2013/12/25 16:19:27 | 000,305,504 | ---- | C] (VIA Corporation) -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS.bak
[2013/12/25 16:19:26 | 000,069,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys.bak
[2013/12/25 16:19:25 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys.bak
[2013/12/25 16:19:24 | 000,090,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys.bak
[2013/12/25 16:19:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\videoprt.sys.bak
[2013/12/25 16:19:23 | 000,175,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys.bak
[2013/12/25 16:19:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbrpm.sys.bak
[2013/12/25 16:19:22 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBCAMD2.sys.bak
[2013/12/25 16:19:22 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys.bak
[2013/12/25 16:19:20 | 000,121,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys.bak
[2013/12/25 16:19:20 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys.bak
[2013/12/25 16:19:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tdi.sys.bak
[2013/12/25 16:19:18 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stream.sys.bak
[2013/12/25 16:19:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tape.sys.bak
[2013/12/25 16:19:18 | 000,021,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tbs.sys.bak
[2013/12/25 16:19:17 | 000,374,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys.bak
[2013/12/25 16:19:17 | 000,107,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys.bak
[2013/12/25 16:19:16 | 000,031,072 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\SysNative\drivers\stexstor.sys.bak
[2013/12/25 16:19:15 | 000,072,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SpbCx.sys.bak
[2013/12/25 16:19:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\smclib.sys.bak
[2013/12/25 16:19:13 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys.bak
[2013/12/25 16:19:13 | 000,069,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx.sys.bak
[2013/12/25 16:19:12 | 000,170,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scsiport.sys.bak
[2013/12/25 16:19:10 | 000,315,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsUVStor.sys.bak
[2013/12/25 16:19:08 | 008,227,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\rtsuvc.sys.bak
[2013/12/25 16:19:08 | 000,591,360 | ---- | C] (Realtek ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys.bak
[2013/12/25 16:19:07 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RNDISMP.sys.bak
[2013/12/25 16:19:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys.bak
[2013/12/25 16:19:06 | 000,924,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys.bak
[2013/12/25 16:19:06 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys.bak
[2013/12/25 16:19:06 | 000,027,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys.bak
[2013/12/25 16:19:03 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys.bak
[2013/12/25 16:18:58 | 000,030,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys.bak
[2013/12/25 16:18:56 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc63.sys.bak
[2013/12/25 16:18:55 | 000,478,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys.bak
[2013/12/25 16:18:55 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys.bak
[2013/12/25 16:18:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys.bak
[2013/12/25 16:18:53 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys.bak
[2013/12/25 16:18:52 | 000,063,840 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\SysNative\drivers\mvumis.sys.bak
[2013/12/25 16:18:50 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mslldp.sys.bak
[2013/12/25 16:18:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys.bak
[2013/12/25 16:18:48 | 000,146,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys.bak
[2013/12/25 16:18:45 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mcd.sys.bak
[2013/12/25 16:18:44 | 000,082,784 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys.bak
[2013/12/25 16:18:44 | 000,081,760 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys.bak
[2013/12/25 16:18:44 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys.bak
[2013/12/25 16:18:43 | 000,093,536 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys.bak
[2013/12/25 16:18:43 | 000,039,008 | ---- | C] (Lenovo.) -- C:\WINDOWS\SysNative\drivers\LhdX64.sys.bak
[2013/12/25 16:18:41 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\irda.sys.bak
[2013/12/25 16:18:41 | 000,027,032 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iwdbus.sys.bak
[2013/12/25 16:18:39 | 000,039,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\intelaud.sys.bak
[2013/12/25 16:18:38 | 000,342,528 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys.bak
[2013/12/25 16:18:37 | 005,353,888 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys.bak
[2013/12/25 16:18:36 | 000,651,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys.bak
[2013/12/25 16:18:36 | 000,645,952 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorA.sys.bak
[2013/12/25 16:18:36 | 000,099,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys.bak
[2013/12/25 16:18:36 | 000,024,568 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys.bak
[2013/12/25 16:18:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys.bak
[2013/12/25 16:18:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys.bak
[2013/12/25 16:18:34 | 000,064,352 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys.bak
[2013/12/25 16:18:33 | 000,428,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS.bak
[2013/12/25 16:18:33 | 000,062,784 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys.bak
[2013/12/25 16:18:32 | 000,030,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys.bak
[2013/12/25 16:18:29 | 003,357,024 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys.bak
[2013/12/25 16:18:29 | 000,318,800 | ---- | C] (ELAN Microelectronics Corp.) -- C:\WINDOWS\SysNative\drivers\ETD.sys.bak
[2013/12/25 16:18:28 | 000,082,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys.bak
[2013/12/25 16:18:28 | 000,044,120 | ---- | C] (ESET) -- C:\WINDOWS\SysNative\drivers\EpfwLWF.sys.bak
[2013/12/25 16:18:27 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys.bak
[2013/12/25 16:18:27 | 000,071,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys.bak
[2013/12/25 16:18:27 | 000,033,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpata.sys.bak
[2013/12/25 16:18:26 | 000,036,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys.bak
[2013/12/25 16:18:26 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys.bak
[2013/12/25 16:18:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dmpusbstor.sys.bak
[2013/12/25 16:18:25 | 000,068,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys.bak
[2013/12/25 16:18:25 | 000,057,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys.bak
[2013/12/25 16:18:25 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\condrv.sys.bak
[2013/12/25 16:18:24 | 000,377,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys.bak
[2013/12/25 16:18:24 | 000,337,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys.bak
[2013/12/25 16:18:23 | 000,575,128 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btfilter.sys.bak
[2013/12/25 16:18:23 | 000,531,296 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys.bak
[2013/12/25 16:18:22 | 000,178,840 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_hcrp.sys.bak
[2013/12/25 16:18:22 | 000,135,832 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_rcp.sys.bak
[2013/12/25 16:18:22 | 000,076,952 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_lwflt.sys.bak
[2013/12/25 16:18:21 | 000,114,840 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_avdt.sys.bak
[2013/12/25 16:18:21 | 000,088,728 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_flt.sys.bak
[2013/12/25 16:18:20 | 000,344,216 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_a2dp.sys.bak
[2013/12/25 16:18:18 | 003,680,256 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys.bak
[2013/12/25 16:18:18 | 000,017,624 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys.bak
[2013/12/25 16:18:17 | 000,259,424 | ---- | C] (AMD Technologies Inc.) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys.bak
[2013/12/25 16:18:17 | 000,025,952 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdxata.sys.bak
[2013/12/25 16:18:16 | 000,079,200 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdsata.sys.bak
[2013/12/25 16:18:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys.bak
[2013/12/25 16:18:14 | 000,782,176 | ---- | C] (PMC-Sierra) -- C:\WINDOWS\SysNative\drivers\adp80xx.sys.bak
[2013/12/25 16:18:14 | 000,079,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpiex.sys.bak
[2013/12/25 16:18:14 | 000,033,560 | ---- | C] (Lenovo Corporation) -- C:\WINDOWS\SysNative\drivers\AcpiVpc.sys.bak
[2013/12/25 16:18:12 | 000,108,896 | ---- | C] (LSI) -- C:\WINDOWS\SysNative\drivers\3ware.sys.bak
[2013/12/24 20:06:39 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Local\BMExplorer
[2013/12/24 14:09:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/24 13:48:56 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\Lam\Desktop\JRT.exe
[2013/12/24 13:48:39 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Lam\Desktop\ATF-Cleaner.exe
[2013/12/24 09:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/12/24 09:55:30 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/12/23 20:30:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/12/23 20:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/12/23 16:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/12/23 16:41:25 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013/12/23 16:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/12/23 16:35:04 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Roaming\ESET
[2013/12/23 16:35:04 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Local\ESET
[2013/12/22 12:34:54 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Roaming\Yahoo!
[2013/12/21 11:48:22 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAND BAG CALC
[2013/12/21 11:46:31 | 000,000,000 | ---D | C] -- C:\Users\Lam\Desktop\BLUE
[2013/12/21 11:38:45 | 000,000,000 | ---D | C] -- C:\Users\Lam\.android
[2013/12/21 11:38:42 | 000,000,000 | ---D | C] -- C:\Users\Lam\AppData\Local\genienext
[2013/12/21 11:37:50 | 000,000,000 | ---D | C] -- C:\ProgramData\suurf aand! keep
[2013/12/20 20:45:02 | 000,000,000 | ---D | C] -- C:\Users\Lam\Desktop\sreng
[2013/12/15 12:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2013/12/14 16:51:07 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2013/12/14 16:51:00 | 006,639,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013/12/14 16:50:58 | 005,769,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013/12/14 16:50:55 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013/12/14 16:50:54 | 001,231,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013/12/14 16:50:53 | 002,328,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013/12/14 16:50:53 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013/12/14 16:50:53 | 002,065,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013/12/14 16:50:53 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2013/12/14 16:50:53 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2013/12/14 16:50:52 | 001,067,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2013/12/14 16:50:52 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2013/12/14 16:50:51 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013/12/14 16:50:51 | 000,883,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2013/12/14 16:50:50 | 002,134,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2013/12/14 16:50:50 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013/12/14 16:50:50 | 000,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013/12/14 16:50:50 | 000,481,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2013/12/14 16:50:49 | 004,599,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2013/12/14 16:50:49 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2013/12/14 16:50:49 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2013/12/14 16:50:49 | 000,699,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10level9.dll
[2013/12/14 16:50:49 | 000,380,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2013/12/14 16:50:48 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2013/12/14 16:50:48 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013/12/14 16:50:47 | 001,373,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2013/12/14 16:50:47 | 001,011,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2013/12/14 16:50:47 | 000,708,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013/12/14 16:50:46 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2013/12/14 16:50:46 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2013/12/14 16:50:46 | 000,631,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2013/12/14 16:50:46 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2013/12/14 16:50:45 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2013/12/14 16:50:45 | 000,518,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2013/12/14 16:50:45 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapphost.dll
[2013/12/14 16:50:43 | 000,465,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2013/12/14 16:50:43 | 000,171,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_8086.dll
[2013/12/14 16:50:43 | 000,031,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2013/12/14 16:50:42 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2013/12/14 16:50:42 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2013/12/14 16:50:42 | 000,558,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2013/12/14 16:50:42 | 000,391,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2013/12/14 16:50:42 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eapp3hst.dll
[2013/12/14 16:50:41 | 000,345,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2013/12/14 16:50:41 | 000,317,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2013/12/14 16:50:41 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013/12/14 16:50:40 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2013/12/14 16:50:40 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapphost.dll
[2013/12/14 16:50:40 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msched.dll
[2013/12/14 16:50:40 | 000,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2013/12/14 16:50:40 | 000,088,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2013/12/14 16:50:39 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2013/12/14 16:50:38 | 000,044,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2013/12/14 16:50:37 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2013/12/14 16:50:37 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWbPrxy.exe
[2013/12/14 16:50:37 | 000,057,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2013/12/14 16:50:37 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013/12/14 16:50:36 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013/12/14 16:50:36 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2013/12/14 16:50:36 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2013/12/14 16:50:35 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappcfg.dll
[2013/12/14 16:50:35 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappcfg.dll
[2013/12/14 16:50:35 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eapp3hst.dll
[2013/12/14 16:50:35 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2013/12/14 16:50:35 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2013/12/14 16:50:34 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eappgnui.dll
[2013/12/14 16:50:34 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eappgnui.dll
[2013/12/14 16:50:33 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ftp.exe
[2013/12/14 16:50:32 | 001,704,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013/12/14 16:50:32 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2013/12/14 16:50:29 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013/12/14 16:50:29 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\miutils.dll
[2013/12/14 16:50:29 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\miutils.dll
[2013/12/14 16:50:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ftp.exe
[2013/12/14 16:48:58 | 002,801,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013/12/14 16:48:58 | 001,085,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2013/12/14 16:48:58 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2013/12/14 16:48:45 | 018,577,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013/12/14 16:48:43 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013/12/14 16:48:33 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/12/14 16:48:33 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/12/14 16:48:32 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/12/14 16:48:31 | 011,674,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/12/14 16:48:30 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013/12/14 16:48:30 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/12/14 16:48:30 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/12/14 16:48:29 | 013,177,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/12/14 16:48:27 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013/12/14 16:48:27 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013/12/14 16:48:27 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013/12/14 16:48:22 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013/12/14 16:48:22 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2013/12/14 16:48:22 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2013/12/14 16:48:19 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2013/12/14 16:48:19 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2013/12/14 16:48:19 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/12/14 16:48:18 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2013/12/14 16:48:18 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2013/12/14 16:48:18 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2013/12/14 16:48:18 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2013/12/14 16:48:17 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2013/12/14 16:48:16 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2013/12/14 16:48:16 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2013/12/14 16:48:16 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2013/12/14 16:48:15 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013/12/14 16:48:14 | 001,642,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013/12/14 16:48:14 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013/12/14 16:48:13 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2013/12/14 16:48:13 | 001,506,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013/12/14 16:48:13 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2013/12/14 16:48:13 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2013/12/14 16:48:13 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013/12/14 16:48:12 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2013/12/14 16:48:12 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013/12/14 16:48:12 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2013/12/14 16:48:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2013/12/14 16:48:11 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/12/14 16:48:11 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/12/14 16:48:11 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013/12/14 16:48:11 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2013/12/14 16:48:10 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013/12/14 16:48:10 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013/12/14 16:48:10 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2013/12/14 16:48:10 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/12/14 16:48:10 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/12/14 16:48:08 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2013/12/14 15:05:16 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2013/12/14 15:05:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2013/12/14 15:05:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2013/12/14 15:05:13 | 001,341,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013/12/14 15:05:11 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2013/12/14 15:05:09 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2013/12/14 15:05:09 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2013/12/14 15:05:06 | 004,105,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013/12/14 15:05:06 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2013/12/14 15:04:53 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013/12/14 15:04:50 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2013/12/14 15:04:49 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2013/12/14 15:04:49 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2013/12/14 15:04:48 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2013/12/14 15:04:48 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013/12/14 15:04:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2013/12/14 15:04:39 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/12/14 15:04:39 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/12/14 15:04:37 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2013/12/14 15:04:36 | 001,943,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013/12/14 15:04:36 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2013/12/14 15:04:36 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2013/12/08 15:49:07 | 000,000,000 | ---D | C] -- C:\Users\Lam\Desktop\Movies
[2013/12/05 22:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/12/05 22:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/12/03 14:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free PDF Solutions
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/27 15:32:18 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/27 15:31:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lam\Desktop\OTL.exe
[2013/12/27 15:30:15 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/12/27 15:30:12 | 2455,777,279 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/27 15:08:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/27 14:31:10 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/12/27 14:31:10 | 000,739,924 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2013/12/27 14:31:10 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/12/27 14:31:10 | 000,151,610 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2013/12/27 14:31:10 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/12/27 14:05:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002UA.job
[2013/12/27 11:49:01 | 000,000,758 | ---- | M] () -- C:\Users\Lam\Desktop\PC Cleaner Pro.lnk
[2013/12/27 11:25:53 | 006,252,752 | ---- | M] (PC Cleaners) -- C:\ProgramData\pclunst.exe
[2013/12/27 11:25:53 | 006,252,752 | ---- | M] (PC Cleaners) -- C:\Users\Lam\Desktop\PC_Cleaner_Pro_Installer_a3.exe
[2013/12/27 11:05:00 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002Core.job
[2013/12/26 18:56:49 | 177,111,537 | ---- | M] () -- C:\Users\Lam\Desktop\[CNT]_Naruto_Shippuuden_343_v2_[D1C987FF].mkv
[2013/12/26 14:09:42 | 000,102,376 | ---- | M] ("CyberLink) -- C:\WINDOWS\SysNative\drivers\wsvd.sys.bak
[2013/12/26 14:09:42 | 000,023,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WppRecorder.sys.bak
[2013/12/26 14:09:41 | 000,054,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys.bak
[2013/12/26 14:09:41 | 000,026,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys.bak
[2013/12/26 14:09:41 | 000,018,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wmilib.sys.bak
[2013/12/26 14:09:40 | 000,136,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys.bak
[2013/12/26 14:09:40 | 000,061,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys.bak
[2013/12/26 14:09:40 | 000,038,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\werkernel.sys.bak
[2013/12/26 14:09:39 | 000,265,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys.bak
[2013/12/26 14:09:39 | 000,124,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys.bak
[2013/12/26 14:09:39 | 000,060,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys.bak
[2013/12/26 14:09:38 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys.bak
[2013/12/26 14:09:38 | 000,034,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys.bak
[2013/12/26 14:09:36 | 000,305,504 | ---- | M] (VIA Corporation) -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS.bak
[2013/12/26 14:09:36 | 000,069,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys.bak
[2013/12/26 14:09:35 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys.bak
[2013/12/26 14:09:34 | 000,090,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys.bak
[2013/12/26 14:09:33 | 000,175,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys.bak
[2013/12/26 14:09:33 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\videoprt.sys.bak
[2013/12/26 14:09:33 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbrpm.sys.bak
[2013/12/26 14:09:32 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBCAMD2.sys.bak
[2013/12/26 14:09:32 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys.bak
[2013/12/26 14:09:30 | 000,121,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys.bak
[2013/12/26 14:09:30 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys.bak
[2013/12/26 14:09:29 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tdi.sys.bak
[2013/12/26 14:09:28 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stream.sys.bak
[2013/12/26 14:09:28 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tape.sys.bak
[2013/12/26 14:09:28 | 000,021,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tbs.sys.bak
[2013/12/26 14:09:27 | 000,374,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys.bak
[2013/12/26 14:09:27 | 000,107,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys.bak
[2013/12/26 14:09:26 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\SysNative\drivers\ssudmdm.sys.bak
[2013/12/26 14:09:26 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\SysNative\drivers\ssudbus.sys.bak
[2013/12/26 14:09:26 | 000,031,072 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\SysNative\drivers\stexstor.sys.bak
[2013/12/26 14:09:24 | 000,072,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SpbCx.sys.bak
[2013/12/26 14:09:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\smclib.sys.bak
[2013/12/26 14:09:23 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys.bak
[2013/12/26 14:09:23 | 000,069,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx.sys.bak
[2013/12/26 14:09:22 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsUVStor.sys.bak
[2013/12/26 14:09:22 | 000,170,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scsiport.sys.bak
[2013/12/26 14:09:20 | 008,227,216 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\rtsuvc.sys.bak
[2013/12/26 14:09:18 | 000,591,360 | ---- | M] (Realtek ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys.bak
[2013/12/26 14:09:17 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys.bak
[2013/12/26 14:09:17 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RNDISMP.sys.bak
[2013/12/26 14:09:17 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys.bak
[2013/12/26 14:09:16 | 000,924,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys.bak
[2013/12/26 14:09:16 | 000,027,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys.bak
[2013/12/26 14:09:13 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys.bak
[2013/12/26 14:09:10 | 000,030,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys.bak
[2013/12/26 14:09:05 | 000,478,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys.bak
[2013/12/26 14:09:05 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc63.sys.bak
[2013/12/26 14:09:04 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys.bak
[2013/12/26 14:09:03 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys.bak
[2013/12/26 14:09:02 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys.bak
[2013/12/26 14:09:01 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\SysNative\drivers\mvumis.sys.bak
[2013/12/26 14:08:59 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mslldp.sys.bak
[2013/12/26 14:08:59 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys.bak
[2013/12/26 14:08:58 | 000,146,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys.bak
[2013/12/26 14:08:55 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys.bak
[2013/12/26 14:08:55 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mcd.sys.bak
[2013/12/26 14:08:54 | 000,093,536 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys.bak
[2013/12/26 14:08:54 | 000,082,784 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys.bak
[2013/12/26 14:08:54 | 000,081,760 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys.bak
[2013/12/26 14:08:53 | 000,039,008 | ---- | M] (Lenovo.) -- C:\WINDOWS\SysNative\drivers\LhdX64.sys.bak
[2013/12/26 14:08:52 | 000,027,032 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iwdbus.sys.bak
[2013/12/26 14:08:51 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\irda.sys.bak
[2013/12/26 14:08:50 | 000,039,320 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\intelaud.sys.bak
[2013/12/26 14:08:49 | 000,342,528 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys.bak
[2013/12/26 14:08:48 | 005,353,888 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys.bak
[2013/12/26 14:08:47 | 000,651,248 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys.bak
[2013/12/26 14:08:47 | 000,645,952 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorA.sys.bak
[2013/12/26 14:08:47 | 000,099,320 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys.bak
[2013/12/26 14:08:46 | 000,024,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys.bak
[2013/12/26 14:08:46 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys.bak
[2013/12/26 14:08:46 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys.bak
[2013/12/26 14:08:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys.bak
[2013/12/26 14:08:44 | 000,428,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS.bak
[2013/12/26 14:08:44 | 000,062,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys.bak
[2013/12/26 14:08:43 | 000,030,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys.bak
[2013/12/26 14:08:40 | 003,357,024 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys.bak
[2013/12/26 14:08:40 | 000,318,800 | ---- | M] (ELAN Microelectronics Corp.) -- C:\WINDOWS\SysNative\drivers\ETD.sys.bak
[2013/12/26 14:08:40 | 000,082,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys.bak
[2013/12/26 14:08:40 | 000,044,120 | ---- | M] (ESET) -- C:\WINDOWS\SysNative\drivers\EpfwLWF.sys.bak
[2013/12/26 14:08:39 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys.bak
[2013/12/26 14:08:39 | 000,071,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys.bak
[2013/12/26 14:08:38 | 000,033,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpata.sys.bak
[2013/12/26 14:08:38 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys.bak
[2013/12/26 14:08:38 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dmpusbstor.sys.bak
[2013/12/26 14:08:37 | 000,068,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys.bak
[2013/12/26 14:08:37 | 000,057,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys.bak
[2013/12/26 14:08:37 | 000,036,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys.bak
[2013/12/26 14:08:36 | 000,377,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys.bak
[2013/12/26 14:08:36 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\condrv.sys.bak
[2013/12/26 14:08:35 | 000,531,296 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys.bak
[2013/12/26 14:08:35 | 000,337,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys.bak
[2013/12/26 14:08:34 | 000,575,128 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btfilter.sys.bak
[2013/12/26 14:08:34 | 000,178,840 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_hcrp.sys.bak
[2013/12/26 14:08:34 | 000,135,832 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_rcp.sys.bak
[2013/12/26 14:08:34 | 000,076,952 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_lwflt.sys.bak
[2013/12/26 14:08:33 | 000,344,216 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_a2dp.sys.bak
[2013/12/26 14:08:33 | 000,114,840 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_avdt.sys.bak
[2013/12/26 14:08:33 | 000,088,728 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btath_flt.sys.bak
[2013/12/26 14:08:31 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys.bak
[2013/12/26 14:08:31 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys.bak
[2013/12/26 14:08:30 | 000,025,952 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdxata.sys.bak
[2013/12/26 14:08:29 | 000,259,424 | ---- | M] (AMD Technologies Inc.) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys.bak
[2013/12/26 14:08:29 | 000,079,200 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdsata.sys.bak
[2013/12/26 14:08:29 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys.bak
[2013/12/26 14:08:28 | 000,782,176 | ---- | M] (PMC-Sierra) -- C:\WINDOWS\SysNative\drivers\adp80xx.sys.bak
[2013/12/26 14:08:27 | 000,108,896 | ---- | M] (LSI) -- C:\WINDOWS\SysNative\drivers\3ware.sys.bak
[2013/12/26 14:08:27 | 000,079,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpiex.sys.bak
[2013/12/26 14:08:27 | 000,033,560 | ---- | M] (Lenovo Corporation) -- C:\WINDOWS\SysNative\drivers\AcpiVpc.sys.bak
[2013/12/25 13:54:54 | 004,359,168 | ---- | M] () -- C:\Users\Lam\Desktop\RogueKillerX64.exe
[2013/12/24 13:48:57 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\Lam\Desktop\JRT.exe
[2013/12/24 13:48:52 | 001,233,962 | ---- | M] () -- C:\Users\Lam\Desktop\adwcleaner.exe
[2013/12/24 13:48:39 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Lam\Desktop\ATF-Cleaner.exe
[2013/12/24 09:55:30 | 000,002,997 | ---- | M] () -- C:\Users\Lam\Desktop\HiJackThis.lnk
[2013/12/24 09:53:48 | 001,402,880 | ---- | M] () -- C:\Users\Lam\Desktop\HiJackThis.msi
[2013/12/23 20:35:14 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/23 16:41:27 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/18 09:39:54 | 005,099,680 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/12/15 12:05:26 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2013/12/04 01:05:48 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013/12/04 01:05:48 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/03 13:34:18 | 000,000,000 | ---- | M] () -- C:\Users\Lam\regbcm
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/27 11:49:01 | 000,000,758 | ---- | C] () -- C:\Users\Lam\Desktop\PC Cleaner Pro.lnk
[2013/12/26 18:37:05 | 177,111,537 | ---- | C] () -- C:\Users\Lam\Desktop\[CNT]_Naruto_Shippuuden_343_v2_[D1C987FF].mkv
[2013/12/25 13:54:54 | 004,359,168 | ---- | C] () -- C:\Users\Lam\Desktop\RogueKillerX64.exe
[2013/12/24 13:48:51 | 001,233,962 | ---- | C] () -- C:\Users\Lam\Desktop\adwcleaner.exe
[2013/12/24 09:55:30 | 000,002,997 | ---- | C] () -- C:\Users\Lam\Desktop\HiJackThis.lnk
[2013/12/24 09:53:48 | 001,402,880 | ---- | C] () -- C:\Users\Lam\Desktop\HiJackThis.msi
[2013/12/23 20:35:14 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/23 16:41:27 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/15 12:05:26 | 000,001,160 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2013/12/14 16:50:37 | 000,385,528 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013/12/14 16:21:24 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002UA.job
[2013/12/14 16:21:24 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002Core.job
[2013/12/03 13:34:18 | 000,000,000 | ---- | C] () -- C:\Users\Lam\regbcm
[2013/10/25 07:37:21 | 000,598,384 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2013/10/25 07:37:15 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/25 07:37:14 | 000,754,652 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2013/10/20 07:41:48 | 000,000,616 | RHS- | C] () -- C:\Users\Lam\ntuser.pol
[2013/10/12 09:20:24 | 000,000,184 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2013/10/03 22:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 22:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/06/25 13:22:51 | 000,007,606 | ---- | C] () -- C:\Users\Lam\AppData\Local\Resmon.ResmonCfg
[2012/12/05 05:22:46 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/07/25 21:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 21:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/04/20 22:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/05 21:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/05 19:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/23 16:35:04 | 000,000,000 | ---D | M] -- C:\Users\Lam\AppData\Roaming\ESET
[2013/07/20 09:32:33 | 000,000,000 | ---D | M] -- C:\Users\Lam\AppData\Roaming\Samsung
[2013/08/19 04:27:58 | 000,000,000 | ---D | M] -- C:\Users\Lam\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/07/06 09:09:26 | 000,000,000 | ---D | M] -- C:\Users\Lam\AppData\Roaming\TuneUp Software
[2013/12/20 09:27:20 | 000,000,000 | ---D | M] -- C:\Users\Lam\AppData\Roaming\uTorrent
[2013/11/25 22:53:13 | 000,000,000 | ---D | M] -- C:\Users\Lam\AppData\Roaming\Wondershare

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\Lam\SkyDrive.old:ms-properties
@Alternate Data Stream - 200 bytes -> C:\Users\Lam\SkyDrive:ms-properties
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:373E1720

< End of report >